Ludovic FLAMENT
2015-08-13 10:20:47 +02:00
parent 281ba1c4c5
commit 838a873cf1
98 changed files with 3195 additions and 794 deletions


@@ -1956,9 +1956,15 @@
<file>
<name>$PROJ_DIR$\..\..\..\..\wolfcrypt\src\error.c</name>
</file>
<file>
<name>$PROJ_DIR$\..\..\..\..\wolfcrypt\src\fe_low_mem.c</name>
</file>
<file>
<name>$PROJ_DIR$\..\..\..\..\wolfcrypt\src\fe_operations.c</name>
</file>
<file>
<name>$PROJ_DIR$\..\..\..\..\wolfcrypt\src\ge_low_mem.c</name>
</file>
<file>
<name>$PROJ_DIR$\..\..\..\..\wolfcrypt\src\ge_operations.c</name>
</file>
@@ -2022,9 +2028,15 @@
<file>
<name>$PROJ_DIR$\..\..\..\..\wolfcrypt\src\sha512.c</name>
</file>
<file>
<name>$PROJ_DIR$\..\..\..\..\wolfcrypt\src\srp.c</name>
</file>
<file>
<name>$PROJ_DIR$\..\..\..\..\wolfcrypt\src\tfm.c</name>
</file>
<file>
<name>$PROJ_DIR$\..\..\..\..\wolfcrypt\src\wc_encrypt.c</name>
</file>
<file>
<name>$PROJ_DIR$\..\..\..\..\wolfcrypt\src\wc_port.c</name>
</file>


@@ -797,7 +797,7 @@ void bench_blake2(void)
#if !defined(NO_RSA) || !defined(NO_DH) \
|| defined(CYASSL_KEYGEN) || defined(HAVE_ECC)
static RNG rng;
static WC_RNG rng;
#endif
#ifndef NO_RSA


@@ -2667,7 +2667,7 @@ int random_test(void)
int random_test(void)
{
RNG rng;
WC_RNG rng;
byte block[32];
int ret;
@@ -2693,7 +2693,7 @@ byte GetEntropy(ENTROPY_CMD cmd, byte* out);
byte GetEntropy(ENTROPY_CMD cmd, byte* out)
{
static RNG rng;
static WC_RNG rng;
if (cmd == INIT)
return (InitRng(&rng) == 0) ? 1 : 0;
@@ -2768,7 +2768,7 @@ int rsa_test(void)
byte* tmp;
size_t bytes;
RsaKey key;
RNG rng;
WC_RNG rng;
word32 idx = 0;
int ret;
byte in[] = "Everyone gets Friday off.";
@@ -3652,7 +3652,7 @@ int dh_test(void)
byte agree2[256];
DhKey key;
DhKey key2;
RNG rng;
WC_RNG rng;
#ifdef USE_CERT_BUFFERS_1024
@@ -3725,7 +3725,7 @@ int dsa_test(void)
word32 idx = 0;
byte tmp[1024];
DsaKey key;
RNG rng;
WC_RNG rng;
Sha sha;
byte hash[SHA_DIGEST_SIZE];
byte signature[40];
@@ -4200,7 +4200,7 @@ int hkdf_test(void)
int ecc_test(void)
{
RNG rng;
WC_RNG rng;
byte sharedA[1024];
byte sharedB[1024];
byte sig[1024];
@@ -4300,7 +4300,7 @@ int ecc_test(void)
int ecc_encrypt_test(void)
{
RNG rng;
WC_RNG rng;
int ret;
ecc_key userA, userB;
byte msg[48];
@@ -4669,7 +4669,7 @@ int pkcs7signed_test(void)
char data[] = "Hello World";
word32 dataSz, outSz, certDerSz, keyDerSz;
PKCS7 msg;
RNG rng;
WC_RNG rng;
byte transIdOid[] =
{ 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01,


@@ -772,7 +772,7 @@ void bench_blake2(void)
#if !defined(NO_RSA) || !defined(NO_DH) \
|| defined(CYASSL_KEYGEN) || defined(HAVE_ECC)
static RNG rng;
static WC_RNG rng;
#endif
#ifndef NO_RSA


@@ -2583,7 +2583,7 @@ int camellia_test(void)
int random_test(void)
{
RNG rng;
WC_RNG rng;
byte block[32];
int ret;
@@ -2607,7 +2607,7 @@ byte GetEntropy(ENTROPY_CMD cmd, byte* out);
byte GetEntropy(ENTROPY_CMD cmd, byte* out)
{
static RNG rng;
static WC_RNG rng;
if (cmd == INIT)
return (InitRng(&rng) == 0) ? 1 : 0;
@@ -2682,7 +2682,7 @@ int rsa_test(void)
byte* tmp;
size_t bytes;
RsaKey key;
RNG rng;
WC_RNG rng;
word32 idx = 0;
int ret;
byte in[] = "Everyone gets Friday off.";
@@ -3558,7 +3558,7 @@ int dh_test(void)
byte agree2[256];
DhKey key;
DhKey key2;
RNG rng;
WC_RNG rng;
#ifdef USE_CERT_BUFFERS_1024
@@ -3631,7 +3631,7 @@ int dsa_test(void)
word32 idx = 0;
byte tmp[1024];
DsaKey key;
RNG rng;
WC_RNG rng;
Sha sha;
byte hash[SHA_DIGEST_SIZE];
byte signature[40];
@@ -4098,7 +4098,7 @@ int hkdf_test(void)
int ecc_test(void)
{
RNG rng;
WC_RNG rng;
byte sharedA[1024];
byte sharedB[1024];
byte sig[1024];
@@ -4198,7 +4198,7 @@ int ecc_test(void)
int ecc_encrypt_test(void)
{
RNG rng;
WC_RNG rng;
int ret;
ecc_key userA, userB;
byte msg[48];
@@ -4564,7 +4564,7 @@ int pkcs7signed_test(void)
char data[] = "Hello World";
word32 dataSz, outSz, certDerSz, keyDerSz;
PKCS7 msg;
RNG rng;
WC_RNG rng;
byte transIdOid[] =
{ 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01,


@@ -29,14 +29,15 @@ SET(WOLFCRYPT_SOURCES src/aes.c src/arc4.c src/asn.c src/blake2b.c
src/integer.c src/logging.c src/md2.c src/md4.c src/md5.c src/memory.c
src/misc.c src/pkcs7.c src/poly1305.c src/pwdbased.c src/rabbit.c
src/random.c src/ripemd.c src/rsa.c src/sha.c src/sha256.c src/sha512.c
src/tfm.c src/wc_port.c
src/tfm.c src/wc_port.c src/wc_encrypt.c src/hash.c
../wolfssl/wolfcrypt/aes.h ../wolfssl/wolfcrypt/arc4.h ../wolfssl/wolfcrypt/asn.h ../wolfssl/wolfcrypt/blake2.h
../wolfssl/wolfcrypt/camellia.h ../wolfssl/wolfcrypt/chacha.h ../wolfssl/wolfcrypt/coding.h ../wolfssl/wolfcrypt/compress.h ../wolfssl/wolfcrypt/des3.h
../wolfssl/wolfcrypt/dh.h ../wolfssl/wolfcrypt/dsa.h ../wolfssl/wolfcrypt/ecc.h ../wolfssl/wolfcrypt/error-crypt.h ../wolfssl/wolfcrypt/hc128.h ../wolfssl/wolfcrypt/hmac.h
../wolfssl/wolfcrypt/integer.h ../wolfssl/wolfcrypt/logging.h ../wolfssl/wolfcrypt/md2.h ../wolfssl/wolfcrypt/md4.h ../wolfssl/wolfcrypt/md5.h ../wolfssl/wolfcrypt/memory.h
../wolfssl/wolfcrypt/misc.h ../wolfssl/wolfcrypt/pkcs7.h ../wolfssl/wolfcrypt/poly1305.h ../wolfssl/wolfcrypt/pwdbased.h ../wolfssl/wolfcrypt/rabbit.h
../wolfssl/wolfcrypt/random.h ../wolfssl/wolfcrypt/ripemd.h ../wolfssl/wolfcrypt/rsa.h ../wolfssl/wolfcrypt/sha.h ../wolfssl/wolfcrypt/sha256.h ../wolfssl/wolfcrypt/sha512.h
../wolfssl/wolfcrypt/tfm.h ../wolfssl/wolfcrypt/wc_port.h
../wolfssl/wolfcrypt/tfm.h ../wolfssl/wolfcrypt/wc_port.h ../wolfssl/wolfcrypt/wc_encrypt.h
../wolfssl/wolfcrypt/hash.h
)
ADD_CONVENIENCE_LIBRARY(wolfcrypt ${WOLFCRYPT_SOURCES})


@@ -165,6 +165,8 @@
521648271A8AC2990062516A /* sha512.c in Sources */ = {isa = PBXBuildFile; fileRef = 5216481A1A8AC2990062516A /* sha512.c */; };
521648281A8AC2990062516A /* wolfcrypt_first.c in Sources */ = {isa = PBXBuildFile; fileRef = 5216481B1A8AC2990062516A /* wolfcrypt_first.c */; };
521648291A8AC2990062516A /* wolfcrypt_last.c in Sources */ = {isa = PBXBuildFile; fileRef = 5216481C1A8AC2990062516A /* wolfcrypt_last.c */; };
522DBE111B7929C80031F454 /* wc_encrypt.c in Sources */ = {isa = PBXBuildFile; fileRef = 522DBE101B7929C80031F454 /* wc_encrypt.c */; };
522DBE131B792A190031F454 /* wc_encrypt.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 522DBE121B7929E70031F454 /* wc_encrypt.h */; };
525BE5BA1B38853E0054BBCD /* hash.c in Sources */ = {isa = PBXBuildFile; fileRef = 525BE5B91B38853E0054BBCD /* hash.c */; };
525BE5BC1B3885750054BBCD /* hash.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 525BE5BB1B3885580054BBCD /* hash.h */; };
/* End PBXBuildFile section */
@@ -176,6 +178,7 @@
dstPath = include/wolfssl/wolfcrypt;
dstSubfolderSpec = 7;
files = (
522DBE131B792A190031F454 /* wc_encrypt.h in CopyFiles */,
525BE5BC1B3885750054BBCD /* hash.h in CopyFiles */,
521646CD1A8A7FF30062516A /* aes.h in CopyFiles */,
521646CE1A8A7FF30062516A /* arc4.h in CopyFiles */,
@@ -473,6 +476,8 @@
5216481A1A8AC2990062516A /* sha512.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = sha512.c; path = ../../ctaocrypt/src/sha512.c; sourceTree = "<group>"; };
5216481B1A8AC2990062516A /* wolfcrypt_first.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = wolfcrypt_first.c; path = ../../ctaocrypt/src/wolfcrypt_first.c; sourceTree = "<group>"; };
5216481C1A8AC2990062516A /* wolfcrypt_last.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = wolfcrypt_last.c; path = ../../ctaocrypt/src/wolfcrypt_last.c; sourceTree = "<group>"; };
522DBE101B7929C80031F454 /* wc_encrypt.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = wc_encrypt.c; path = ../../wolfcrypt/src/wc_encrypt.c; sourceTree = SOURCE_ROOT; };
522DBE121B7929E70031F454 /* wc_encrypt.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = wc_encrypt.h; path = ../../wolfssl/wolfcrypt/wc_encrypt.h; sourceTree = "<group>"; };
525BE5B91B38853E0054BBCD /* hash.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = hash.c; path = ../../wolfcrypt/src/hash.c; sourceTree = "<group>"; };
525BE5BB1B3885580054BBCD /* hash.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = hash.h; path = ../../wolfssl/wolfcrypt/hash.h; sourceTree = "<group>"; };
52B1344D16F3C9E800C07B32 /* libwolfssl.a */ = {isa = PBXFileReference; explicitFileType = archive.ar; includeInIndex = 0; path = libwolfssl.a; sourceTree = BUILT_PRODUCTS_DIR; };
@@ -613,6 +618,7 @@
521646861A8993770062516A /* tfm.h */,
521646871A8993770062516A /* types.h */,
521646881A8993770062516A /* visibility.h */,
522DBE121B7929E70031F454 /* wc_encrypt.h */,
521646891A8993770062516A /* wc_port.h */,
);
name = wolfCrypt;
@@ -680,6 +686,7 @@
5216462E1A8992CC0062516A /* sha256.c */,
5216462F1A8992CC0062516A /* sha512.c */,
521646301A8992CC0062516A /* tfm.c */,
522DBE101B7929C80031F454 /* wc_encrypt.c */,
521646311A8992CC0062516A /* wc_port.c */,
);
name = wolfCrypt;
@@ -828,6 +835,7 @@
521646351A8992CC0062516A /* blake2b.c in Sources */,
5216464C1A8992CC0062516A /* ripemd.c in Sources */,
521646451A8992CC0062516A /* memory.c in Sources */,
522DBE111B7929C80031F454 /* wc_encrypt.c in Sources */,
5216463C1A8992CC0062516A /* ecc.c in Sources */,
5216464F1A8992CC0062516A /* sha256.c in Sources */,
521646371A8992CC0062516A /* chacha.c in Sources */,


@@ -153,6 +153,8 @@
5216472A1A8A80100062516A /* types.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BE1A8993F50062516A /* types.h */; };
5216472B1A8A80100062516A /* visibility.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BF1A8993F50062516A /* visibility.h */; };
5216472C1A8A80100062516A /* wc_port.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646C01A8993F50062516A /* wc_port.h */; };
522DBE0D1B7926FB0031F454 /* wc_encrypt.c in Sources */ = {isa = PBXBuildFile; fileRef = 522DBE0C1B7926FB0031F454 /* wc_encrypt.c */; };
522DBE0F1B7927A50031F454 /* wc_encrypt.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 522DBE0E1B7927290031F454 /* wc_encrypt.h */; };
525BE5341B3869110054BBCD /* hash.c in Sources */ = {isa = PBXBuildFile; fileRef = 525BE5331B3869110054BBCD /* hash.c */; };
525BE5361B3869780054BBCD /* hash.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 525BE5351B3869430054BBCD /* hash.h */; };
/* End PBXBuildFile section */
@@ -164,6 +166,7 @@
dstPath = include/wolfssl/wolfcrypt;
dstSubfolderSpec = 7;
files = (
522DBE0F1B7927A50031F454 /* wc_encrypt.h in CopyFiles */,
525BE5361B3869780054BBCD /* hash.h in CopyFiles */,
521646CD1A8A7FF30062516A /* aes.h in CopyFiles */,
521646CE1A8A7FF30062516A /* arc4.h in CopyFiles */,
@@ -449,6 +452,8 @@
521646BE1A8993F50062516A /* types.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = types.h; path = ../../cyassl/ctaocrypt/types.h; sourceTree = "<group>"; };
521646BF1A8993F50062516A /* visibility.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = visibility.h; path = ../../cyassl/ctaocrypt/visibility.h; sourceTree = "<group>"; };
521646C01A8993F50062516A /* wc_port.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = wc_port.h; path = ../../cyassl/ctaocrypt/wc_port.h; sourceTree = "<group>"; };
522DBE0C1B7926FB0031F454 /* wc_encrypt.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = wc_encrypt.c; path = ../../wolfcrypt/src/wc_encrypt.c; sourceTree = SOURCE_ROOT; };
522DBE0E1B7927290031F454 /* wc_encrypt.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = wc_encrypt.h; path = ../../wolfssl/wolfcrypt/wc_encrypt.h; sourceTree = "<group>"; };
525BE5331B3869110054BBCD /* hash.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = hash.c; path = ../../wolfcrypt/src/hash.c; sourceTree = "<group>"; };
525BE5351B3869430054BBCD /* hash.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = hash.h; path = ../../wolfssl/wolfcrypt/hash.h; sourceTree = "<group>"; };
52B1344D16F3C9E800C07B32 /* libwolfssl.a */ = {isa = PBXFileReference; explicitFileType = archive.ar; includeInIndex = 0; path = libwolfssl.a; sourceTree = BUILT_PRODUCTS_DIR; };
@@ -589,6 +594,7 @@
521646861A8993770062516A /* tfm.h */,
521646871A8993770062516A /* types.h */,
521646881A8993770062516A /* visibility.h */,
522DBE0E1B7927290031F454 /* wc_encrypt.h */,
521646891A8993770062516A /* wc_port.h */,
);
name = wolfCrypt;
@@ -655,6 +661,7 @@
5216462E1A8992CC0062516A /* sha256.c */,
5216462F1A8992CC0062516A /* sha512.c */,
521646301A8992CC0062516A /* tfm.c */,
522DBE0C1B7926FB0031F454 /* wc_encrypt.c */,
521646311A8992CC0062516A /* wc_port.c */,
);
name = wolfCrypt;
@@ -764,6 +771,7 @@
5216460F1A89928E0062516A /* ssl.c in Sources */,
5216464D1A8992CC0062516A /* rsa.c in Sources */,
5216464B1A8992CC0062516A /* random.c in Sources */,
522DBE0D1B7926FB0031F454 /* wc_encrypt.c in Sources */,
521646101A89928E0062516A /* tls.c in Sources */,
5216460D1A89928E0062516A /* ocsp.c in Sources */,
521646431A8992CC0062516A /* md4.c in Sources */,


@@ -9,17 +9,7 @@ if test -d .git; then
mkdir .git/hooks
fi
ln -s -f ../../pre-commit.sh .git/hooks/pre-commit
fi
# Set HAVE_FIPS_SOURCE to 1 in your .profile if you have access to the FIPS
# repository. (Hint: If you don't work for us, you don't. This will fail.)
if test -n "$HAVE_FIPS_SOURCE" -a ! -d ./fips; then
git clone git@github.com:wolfSSL/fips.git
SAVEDIR=`pwd`
cd ./ctaocrypt/src
ln -sf ../../fips/fips.c
ln -sf ../../fips/fips_test.c
cd $SAVEDIR
ln -s -f ../../pre-push.sh .git/hooks/pre-push
fi
# If this is a source checkout then call autoreconf with error as well


@@ -31,12 +31,4 @@ make -j 8 test;
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "\n\nFull config make test failed" && exit 1
if [ -n "$HAVE_FIPS_SOURCE" ];
then
echo -e "\n\nTesting with FIPS release code...\n\n"
./fips-check.sh
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "\n\nFIPS build test failed" && exit 1
fi
exit 0


@@ -6,7 +6,7 @@
#
#
AC_INIT([wolfssl],[3.6.2],[https://github.com/wolfssl/wolfssl/issues],[wolfssl],[http://www.wolfssl.com])
AC_INIT([wolfssl],[3.6.3],[https://github.com/wolfssl/wolfssl/issues],[wolfssl],[http://www.wolfssl.com])
AC_CONFIG_AUX_DIR([build-aux])
@@ -887,6 +887,19 @@ else
fi
# SSLv3
AC_ARG_ENABLE([sslv3],
[ --enable-sslv3 Enable SSL version 3.0 (default: disabled)],
[ ENABLED_SSLV3=$enableval ],
[ ENABLED_SSLV3=no]
)
if test "$ENABLED_SSLV3" = "yes"
then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ALLOW_SSLV3"
fi
# STACK SIZE info for examples
AC_ARG_ENABLE([stacksize],
[ --enable-stacksize Enable stack size info on examples (default: disabled)],
@@ -1658,6 +1671,22 @@ then
fi
# Secure Remote Password
AC_ARG_ENABLE([srp],
[ --enable-srp Enable Secure Remote Password (default: disabled)],
[ ENABLED_SRP=$enableval ],
[ ENABLED_SRP=no ]
)
if test "x$ENABLED_SRP" = "xyes"
then
AM_CFLAGS="$AM_CFLAGS -DWOLFCRYPT_HAVE_SRP"
fi
AM_CONDITIONAL([BUILD_SRP], [test "x$ENABLED_SRP" = "xyes"])
# Small Stack
AC_ARG_ENABLE([smallstack],
[ --enable-smallstack Enable Small Stack Usage (default: disabled)],
@@ -2112,6 +2141,10 @@ AS_IF([test "x$ENABLED_MAXSTRENGTH" = "xyes" && \
[AM_CFLAGS="$AM_CFLAGS -DNO_OLD_TLS"
ENABLED_OLD_TLS=no])
AS_IF([test "x$ENABLED_MAXSTRENGTH" = "xyes" && \
test "x$ENABLED_SSLV3" = "xyes"],
[AC_MSG_ERROR([Cannot use Max Strength and SSLv3 at the same time.])])
# OPTIMIZE FLAGS
if test "$GCC" = "yes"
@@ -2138,6 +2171,12 @@ then
AM_CFLAGS="$AM_CFLAGS -wd10006"
fi
# Expose HAVE___UINT128_T to options flags"
if test "$ac_cv_type___uint128_t" = "yes"
then
AM_CFLAGS="$AM_CFLAGS -DHAVE___UINT128_T"
fi
LIB_SOCKET_NSL
AX_HARDEN_CC_COMPILER_FLAGS
@@ -2337,6 +2376,7 @@ echo " * STUNNEL: $ENABLED_STUNNEL"
echo " * ERROR_STRINGS: $ENABLED_ERROR_STRINGS"
echo " * DTLS: $ENABLED_DTLS"
echo " * Old TLS Versions: $ENABLED_OLD_TLS"
echo " * SSL version 3.0: $ENABLED_SSLV3"
echo " * OCSP: $ENABLED_OCSP"
echo " * CRL: $ENABLED_CRL"
echo " * CRL-MONITOR: $ENABLED_CRL_MONITOR"
@@ -2355,10 +2395,10 @@ echo " * Session Ticket: $ENABLED_SESSION_TICKET"
echo " * All TLS Extensions: $ENABLED_TLSX"
echo " * PKCS#7 $ENABLED_PKCS7"
echo " * wolfSCEP $ENABLED_WOLFSCEP"
echo " * Secure Remote Password $ENABLED_SRP"
echo " * Small Stack: $ENABLED_SMALL_STACK"
echo " * valgrind unit tests: $ENABLED_VALGRIND"
echo " * LIBZ: $ENABLED_LIBZ"
echo " * Examples: $ENABLED_EXAMPLES"
echo ""
echo "---"
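Review bot: `--enable-sslv3` is accepted even when old TLS is disabled, although the source hunks in this commit build the SSLv3 method functions only under `defined(WOLFSSL_ALLOW_SSLV3) && !defined(NO_OLD_TLS)`, so in that configuration the option would be a silent no-op; only the max-strength combination is rejected. An `AS_IF` beside the max-strength check that warns or errors when `ENABLED_SSLV3` is yes and `ENABLED_OLD_TLS` is no would make this visible. The new test `test "$ENABLED_SSLV3" = "yes"` also drops the `x` prefix that the SRP and max-strength tests use; `test "x$ENABLED_SSLV3" = "xyes"` would match them. Because SSL 3.0 is a deprecated protocol, the help string could say so, for example `Enable SSL version 3.0, insecure (default: disabled)`.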


@@ -530,10 +530,11 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
switch (version) {
#ifndef NO_OLD_TLS
#ifdef WOLFSSL_ALLOW_SSLV3
case 0:
method = wolfSSLv3_client_method();
break;
#endif
#ifndef NO_TLS
case 1:


@@ -111,8 +111,10 @@ void echoclient_test(void* args)
method = DTLSv1_2_client_method();
#elif !defined(NO_TLS)
method = CyaSSLv23_client_method();
#else
#elif defined(WOLFSSL_ALLOW_SSLV3)
method = SSLv3_client_method();
#else
#error "no valid client method type"
#endif
ctx = SSL_CTX_new(method);
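Review bot: The new `#elif defined(WOLFSSL_ALLOW_SSLV3)` branch does not also test `NO_OLD_TLS`, while the library hunks in this commit build the SSLv3 method functions only under `defined(WOLFSSL_ALLOW_SSLV3) && !defined(NO_OLD_TLS)`. With both macros defined the example would presumably fail on a missing `SSLv3_client_method` instead of reaching the intended `#error`. Using `#elif defined(WOLFSSL_ALLOW_SSLV3) && !defined(NO_OLD_TLS)` keeps the guard in step with the library; the same applies to the `CyaSSLv3_server_method()` branch in the echoserver section. The two `#error` texts could also share one wording.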


@@ -132,8 +132,10 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
method = CyaDTLSv1_2_server_method();
#elif !defined(NO_TLS)
method = CyaSSLv23_server_method();
#else
#elif defined(WOLFSSL_ALLOW_SSLV3)
method = CyaSSLv3_server_method();
#else
#error "no valid server method built in"
#endif
ctx = CyaSSL_CTX_new(method);
/* CyaSSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF); */


@@ -158,6 +158,9 @@ static void Usage(void)
#ifdef HAVE_ANON
printf("-a Anonymous server\n");
#endif
#ifndef NO_PSK
printf("-I Do not send PSK identity hint\n");
#endif
}
THREAD_RETURN CYASSL_THREAD server_test(void* args)
@@ -199,6 +202,10 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
int argc = ((func_args*)args)->argc;
char** argv = ((func_args*)args)->argv;
#ifndef NO_PSK
int sendPskIdentityHint = 1;
#endif
#ifdef HAVE_SNI
char* sniHostName = NULL;
#endif
@@ -230,7 +237,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
fdOpenSession(Task_self());
#endif
while ((ch = mygetopt(argc, argv, "?dbstnNufrRawPp:v:l:A:c:k:Z:S:oO:D:"))
while ((ch = mygetopt(argc, argv, "?dbstnNufrRawPIp:v:l:A:c:k:Z:S:oO:D:"))
!= -1) {
switch (ch) {
case '?' :
@@ -363,6 +370,11 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
useAnon = 1;
#endif
break;
case 'I':
#ifndef NO_PSK
sendPskIdentityHint = 0;
#endif
break;
default:
Usage();
@@ -395,9 +407,11 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
switch (version) {
#ifndef NO_OLD_TLS
#ifdef WOLFSSL_ALLOW_SSLV3
case 0:
method = SSLv3_server_method();
break;
#endif
#ifndef NO_TLS
case 1:
@@ -500,7 +514,10 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
if (usePsk) {
#ifndef NO_PSK
SSL_CTX_set_psk_server_callback(ctx, my_psk_server_cb);
if (sendPskIdentityHint == 1)
SSL_CTX_use_psk_identity_hint(ctx, "cyassl server");
if (cipherList == NULL) {
const char *defaultCipherList;
#if defined(HAVE_AESGCM) && !defined(NO_DH)
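Review bot: The result of `SSL_CTX_use_psk_identity_hint` is discarded in the new `if (sendPskIdentityHint == 1)` statement, so a failure to set the hint is indistinguishable from running the server with `-I`. Since this server is what exercises the client's new no-hint path, checking the call makes a test failure easier to interpret: `if (sendPskIdentityHint == 1 && SSL_CTX_use_psk_identity_hint(ctx, "cyassl server") != SSL_SUCCESS) err_sys("can't set PSK identity hint");`. `-I` is also accepted silently when the build defines `NO_PSK` or when PSK mode was not selected, which the usage text could mention. The body of server_test continues outside these hunks.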


@@ -79,13 +79,13 @@ linux)
esac
git clone . $TEST_DIR
[ $? -ne 0 ] && echo -e "\n\nCouldn't duplicate current working directory.\n\n" && exit 1
[ $? -ne 0 ] && echo "\n\nCouldn't duplicate current working directory.\n\n" && exit 1
pushd $TEST_DIR
# make a clone of the last FIPS release tag
git clone -b $CTAO_VERSION $CTAO_REPO old-tree
[ $? -ne 0 ] && echo -e "\n\nCouldn't checkout the FIPS release.\n\n" && exit 1
[ $? -ne 0 ] && echo "\n\nCouldn't checkout the FIPS release.\n\n" && exit 1
for MOD in ${WC_MODS[@]}
do
@@ -102,7 +102,7 @@ cp old-tree/$WC_INC_PATH/random.h $WC_INC_PATH
# clone the FIPS repository
git clone -b $FIPS_VERSION $FIPS_REPO fips
[ $? -ne 0 ] && echo -e "\n\nCouldn't checkout the FIPS repository.\n\n" && exit 1
[ $? -ne 0 ] && echo "\n\nCouldn't checkout the FIPS repository.\n\n" && exit 1
for SRC in ${FIPS_SRCS[@]}
do
@@ -113,7 +113,7 @@ done
./autogen.sh
./configure --enable-fips
make
[ $? -ne 0 ] && echo -e "\n\nMake failed. Debris left for analysis." && exit 1
[ $? -ne 0 ] && echo "\n\nMake failed. Debris left for analysis." && exit 1
NEWHASH=`./wolfcrypt/test/testwolfcrypt | sed -n 's/hash = \(.*\)/\1/p'`
if [ -n "$NEWHASH" ]; then
@@ -122,7 +122,7 @@ if [ -n "$NEWHASH" ]; then
fi
make test
[ $? -ne 0 ] && echo -e "\n\nTest failed. Debris left for analysis." && exit 1
[ $? -ne 0 ] && echo "\n\nTest failed. Debris left for analysis." && exit 1
# Clean up
popd
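Review bot: Dropping `-e` from the `echo` calls makes the `\n` sequences print literally when the script runs under bash, and the script does appear to need bash, since the hunks use `pushd`/`popd` and `${WC_MODS[@]}` arrays. `printf` behaves the same in every shell: `[ $? -ne 0 ] && printf '\n\nMake failed. Debris left for analysis.\n' && exit 1`, and likewise for the other four messages. The shebang line is outside the hunks, so confirm which shell actually runs the script.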


@@ -285,13 +285,13 @@ int CRYPT_HUFFMAN_DeCompress(unsigned char* out, unsigned int outSz,
/* RNG Initialize, < 0 on error */
int CRYPT_RNG_Initialize(CRYPT_RNG_CTX* rng)
{
typedef char rng_test[sizeof(CRYPT_RNG_CTX) >= sizeof(RNG) ? 1 : -1];
typedef char rng_test[sizeof(CRYPT_RNG_CTX) >= sizeof(WC_RNG) ? 1 : -1];
(void)sizeof(rng_test);
if (rng == NULL)
return BAD_FUNC_ARG;
return InitRng((RNG*)rng);
return InitRng((WC_RNG*)rng);
}
@@ -301,7 +301,7 @@ int CRYPT_RNG_Get(CRYPT_RNG_CTX* rng, unsigned char* b)
if (rng == NULL || b == NULL)
return BAD_FUNC_ARG;
return RNG_GenerateByte((RNG*)rng, (byte*)b);
return RNG_GenerateByte((WC_RNG*)rng, (byte*)b);
}
@@ -312,7 +312,7 @@ int CRYPT_RNG_BlockGenerate(CRYPT_RNG_CTX* rng, unsigned char* b,
if (rng == NULL || b == NULL)
return BAD_FUNC_ARG;
return RNG_GenerateBlock((RNG*)rng, b, sz);
return RNG_GenerateBlock((WC_RNG*)rng, b, sz);
}
@@ -512,7 +512,7 @@ int CRYPT_RSA_PublicEncrypt(CRYPT_RSA_CTX* rsa, unsigned char* out,
return BAD_FUNC_ARG;
return RsaPublicEncrypt(in, inSz, out, outSz, (RsaKey*)rsa->holder,
(RNG*)rng);
(WC_RNG*)rng);
}
@@ -614,7 +614,7 @@ int CRYPT_ECC_DHE_KeyMake(CRYPT_ECC_CTX* ecc, CRYPT_RNG_CTX* rng, int keySz)
if (ecc == NULL || rng == NULL)
return BAD_FUNC_ARG;
return wc_ecc_make_key((RNG*)rng, keySz, (ecc_key*)ecc->holder);
return wc_ecc_make_key((WC_RNG*)rng, keySz, (ecc_key*)ecc->holder);
}
@@ -649,7 +649,7 @@ int CRYPT_ECC_DSA_HashSign(CRYPT_ECC_CTX* ecc, CRYPT_RNG_CTX* rng,
in == NULL)
return BAD_FUNC_ARG;
ret = wc_ecc_sign_hash(in, inSz, sig, &inOut, (RNG*)rng,
ret = wc_ecc_sign_hash(in, inSz, sig, &inOut, (WC_RNG*)rng,
(ecc_key*)ecc->holder);
*usedSz = inOut;


@@ -69,7 +69,7 @@ static byte ourData[OUR_DATA_SIZE];
static byte* key = NULL;
static byte* iv = NULL;
static CRYPT_RNG_CTX mcRng;
static RNG defRng;
static WC_RNG defRng;
static int check_md5(void);
static int check_sha(void);


@@ -40,7 +40,7 @@ PIC32MX/PIC32MZ
---------------
The projects are set for PIC32MX by default. For PIC32MZ, change project
properties->Devices and add "CYASSL_MICROCHIP_PIC32M" to
properties->Devices and add "WOLFSSL_MICROCHIP_PIC32MZ" to
XC32-gcc->Preprocessing and messages-> Preprocessor macros.


@@ -50,6 +50,15 @@
<itemPath>../../wolfcrypt/src/tfm.c</itemPath>
<itemPath>../../wolfcrypt/src/wc_port.c</itemPath>
<itemPath>../../wolfcrypt/src/port/pic32/pic32mz-hash.c</itemPath>
<itemPath>../../wolfcrypt/src/hash.c</itemPath>
<itemPath>../../wolfcrypt/src/chacha20_poly1305.c</itemPath>
<itemPath>../../wolfcrypt/src/curve25519.c</itemPath>
<itemPath>../../wolfcrypt/src/ed25519.c</itemPath>
<itemPath>../../wolfcrypt/src/fe_low_mem.c</itemPath>
<itemPath>../../wolfcrypt/src/fe_operations.c</itemPath>
<itemPath>../../wolfcrypt/src/ge_low_mem.c</itemPath>
<itemPath>../../wolfcrypt/src/ge_operations.c</itemPath>
<itemPath>../../wolfcrypt/src/wc_encrypt.c</itemPath>
</logicalFolder>
<logicalFolder name="f1" displayName="wolfssl" projectFiles="true">
<itemPath>../../src/crl.c</itemPath>
@@ -85,7 +94,7 @@
<targetPluginBoard></targetPluginBoard>
<platformTool>PKOBSKDEPlatformTool</platformTool>
<languageToolchain>XC32</languageToolchain>
<languageToolchainVersion></languageToolchainVersion>
<languageToolchainVersion>1.33</languageToolchainVersion>
<platform>4</platform>
</toolsSet>
<compileType>

19
pre-push.sh Executable file

@@ -0,0 +1,19 @@
#!/bin/sh
#
#
# Our "pre-push" hook.
RESULT=0
if [ -d ./fips ];
then
echo "\n\nTesting with FIPS release code...\n\n"
./fips-check.sh
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "\n\nFIPS build test failed" && exit 1
fi
[ $RESULT -ne 0 ] && echo "\nOops, your push failed\n" && exit 1
echo "\nPush tests passed!\n"
exit 0
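Review bot: The script mixes `echo "\n..."` and `echo -e "\n..."` under `#!/bin/sh`, and whether `echo` interprets backslashes or prints `-e` literally depends on the shell, so the output differs between dash and bash. `printf '\n\nFIPS build test failed\n'` is portable. The check `[ $RESULT -ne 0 ] && echo "\nOops, your push failed\n" && exit 1` can never fire, because the only place RESULT becomes non-zero already exits; drop either the inner `exit 1` or the outer check. The hook also passes trivially when `./fips` is absent, which deserves a comment so that "Push tests passed!" is not read as FIPS coverage.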


@@ -6,6 +6,7 @@
resume_port=11112
no_pid=-1
server_pid=$no_pid
counter=0
remove_ready_file() {
@@ -41,9 +42,10 @@ remove_ready_file
./examples/server/server -r -R -p $resume_port &
server_pid=$!
while [ ! -s /tmp/wolfssl_server_ready ]; do
while [ ! -s /tmp/wolfssl_server_ready -a "$counter" -lt 20 ]; do
echo -e "waiting for server_ready file..."
sleep 0.1
counter=$((counter+ 1))
done
./examples/client/client -r -p $resume_port
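Review bot: When the counter reaches 20 the loop exits without the ready file and the script goes straight on to `./examples/client/client -r -p $resume_port`, so a server that never started is reported as a client connection failure rather than a timeout. Add a check after the loop, e.g. `[ ! -s /tmp/wolfssl_server_ready ] && echo "server failed to start" && exit 1`, routed through whatever cleanup the script already has for `server_pid` (not visible in these hunks). Twenty iterations of `sleep 0.1` is about two seconds, which may be tight on a loaded build host. POSIX marks `[ a -a b ]` obsolescent; `[ a ] && [ b ]` is the unambiguous form.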


@@ -74,6 +74,7 @@ endif
src_libwolfssl_la_SOURCES += \
wolfcrypt/src/logging.c \
wolfcrypt/src/wc_encrypt.c \
wolfcrypt/src/wc_port.c \
wolfcrypt/src/error.c
@@ -200,6 +201,10 @@ if BUILD_PKCS7
src_libwolfssl_la_SOURCES += wolfcrypt/src/pkcs7.c
endif
if BUILD_SRP
src_libwolfssl_la_SOURCES += wolfcrypt/src/srp.c
endif
# ssl files
src_libwolfssl_la_SOURCES += \
src/internal.c \
@@ -219,4 +224,3 @@ endif
if BUILD_SNIFFER
src_libwolfssl_la_SOURCES += src/sniffer.c
endif


@@ -46,7 +46,11 @@
#if defined(DEBUG_WOLFSSL) || defined(SHOW_SECRETS) || defined(CHACHA_AEAD_TEST)
#ifdef FREESCALE_MQX
#if MQX_USE_IO_OLD
#include <fio.h>
#else
#include <nio.h>
#endif
#else
#include <stdio.h>
#endif
@@ -244,7 +248,7 @@ static int QSH_FreeAll(WOLFSSL* ssl)
#ifdef HAVE_NTRU
static RNG* rng;
static WC_RNG* rng;
static wolfSSL_Mutex* rngMutex;
static word32 GetEntropy(unsigned char* out, word32 num_bytes)
@@ -252,7 +256,7 @@ static word32 GetEntropy(unsigned char* out, word32 num_bytes)
int ret = 0;
if (rng == NULL) {
if ((rng = XMALLOC(sizeof(RNG), 0, DYNAMIC_TYPE_TLSX)) == NULL)
if ((rng = XMALLOC(sizeof(WC_RNG), 0, DYNAMIC_TYPE_TLSX)) == NULL)
return DRBG_OUT_OF_MEMORY;
wc_InitRng(rng);
}
@@ -1765,7 +1769,7 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx)
#endif /* NO_PSK */
/* RNG */
ssl->rng = (RNG*)XMALLOC(sizeof(RNG), ssl->heap, DYNAMIC_TYPE_RNG);
ssl->rng = (WC_RNG*)XMALLOC(sizeof(WC_RNG), ssl->heap, DYNAMIC_TYPE_RNG);
if (ssl->rng == NULL) {
WOLFSSL_MSG("RNG Memory error");
return MEMORY_E;
@@ -2367,7 +2371,7 @@ DtlsMsg* DtlsMsgInsert(DtlsMsg* head, DtlsMsg* item)
#endif /* WOLFSSL_DTLS */
#ifndef NO_OLD_TLS
#if defined(WOLFSSL_ALLOW_SSLV3) && !defined(NO_OLD_TLS)
ProtocolVersion MakeSSLv3(void)
{
@@ -2378,7 +2382,7 @@ ProtocolVersion MakeSSLv3(void)
return pv;
}
#endif /* NO_OLD_TLS */
#endif /* WOLFSSL_ALLOW_SSLV3 && !NO_OLD_TLS */
#ifdef WOLFSSL_DTLS
@@ -4780,9 +4784,17 @@ static int SanityCheckMsgReceived(WOLFSSL* ssl, byte type)
}
}
if (ssl->msgsReceived.got_server_key_exchange == 0) {
int pskNoServerHint = 0; /* not required in this case */
#ifndef NO_PSK
if (ssl->specs.kea == psk_kea &&
ssl->arrays->server_hint[0] == 0)
pskNoServerHint = 1;
#endif
if (ssl->specs.static_ecdh == 1 ||
ssl->specs.kea == rsa_kea ||
ssl->specs.kea == ntru_kea) {
ssl->specs.kea == ntru_kea ||
pskNoServerHint) {
WOLFSSL_MSG("No KeyExchange required");
} else {
WOLFSSL_MSG("No ServerKeyExchange before ServerDone");
@@ -6674,6 +6686,22 @@ int ProcessReply(WOLFSSL* ssl)
}
#endif
/* Check for duplicate CCS message in DTLS mode.
* DTLS allows for duplicate messages, and it should be
* skipped. */
if (ssl->options.dtls &&
ssl->msgsReceived.got_change_cipher) {
WOLFSSL_MSG("Duplicate ChangeCipher msg");
if (ssl->curSize != 1) {
WOLFSSL_MSG("Malicious or corrupted"
" duplicate ChangeCipher msg");
return LENGTH_ERROR;
}
ssl->buffers.inputBuffer.idx++;
break;
}
ret = SanityCheckMsgReceived(ssl, change_cipher_hs);
if (ret != 0)
return ret;
@@ -14041,15 +14069,18 @@ int DoSessionTicket(WOLFSSL* ssl,
#endif
if (TLSX_SupportExtensions(ssl)) {
int ret = 0;
/* auto populate extensions supported unless user defined */
if ((ret = TLSX_PopulateExtensions(ssl, 1)) != 0)
return ret;
#else
if (IsAtLeastTLSv1_2(ssl)) {
#endif
/* Process the hello extension. Skip unsupported. */
word16 totalExtSz;
#ifdef HAVE_TLS_EXTENSIONS
/* auto populate extensions supported unless user defined */
if ((ret = TLSX_PopulateExtensions(ssl, 1)) != 0)
return ret;
#endif
if ((i - begin) + OPAQUE16_LEN > helloSz)
return BUFFER_ERROR;
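Review bot: In the SanityCheckMsgReceived hunk the new PSK test reads `ssl->arrays->server_hint[0]` without checking `ssl->arrays`, and the sniffer change in this same commit notes that a session's arrays are released once the handshake completes. If this path can be reached with the arrays already freed (during a renegotiation, say; not verifiable from the hunk), that is a NULL dereference driven by peer messages, and `if (ssl->specs.kea == psk_kea && ssl->arrays != NULL && ssl->arrays->server_hint[0] == 0)` costs nothing. A comment stating the protocol rule would help the next reader: `/* RFC 4279: the server omits ServerKeyExchange when it sends no identity hint */`. The function body starts and ends outside the hunk.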


@@ -527,6 +527,8 @@ int EmbedGenerateCookie(WOLFSSL* ssl, byte *buf, int sz, void *ctx)
#ifdef HAVE_OCSP
#include <stdlib.h> /* atoi() */
static int Word16ToString(char* d, word16 number)
{


@@ -31,7 +31,11 @@
#include <wolfssl/error-ssl.h>
#if defined(SHOW_SECRETS) || defined(CHACHA_AEAD_TEST)
#ifdef FREESCALE_MQX
#if MQX_USE_IO_OLD
#include <fio.h>
#else
#include <nio.h>
#endif
#else
#include <stdio.h>
#endif


@@ -239,7 +239,8 @@ static const char* const msgTable[] =
"Decrypt Keys Not Set Up",
"Late Key Load Error",
"Got Certificate Status msg",
"RSA Key Missing Error"
"RSA Key Missing Error",
"Secure Renegotiation Not Supported"
};
@@ -1117,7 +1118,7 @@ static int SetNamedPrivateKey(const char* name, const char* address, int port,
sniffer->server = serverIp;
sniffer->port = port;
sniffer->ctx = SSL_CTX_new(SSLv3_client_method());
sniffer->ctx = SSL_CTX_new(TLSv1_client_method());
if (!sniffer->ctx) {
SetError(MEMORY_STR, error, NULL, 0);
#ifdef HAVE_SNI
@@ -1322,7 +1323,6 @@ static int ProcessClientKeyExchange(const byte* input, int* sslBytes,
wc_FreeRsaKey(&key);
return -1;
}
ret = 0; /* not in error state */
session->sslServer->arrays->preMasterSz = SECRET_LEN;
/* store for client side as well */
@@ -1817,6 +1817,14 @@ static int DoHandShake(const byte* input, int* sslBytes,
return -1;
}
/* A session's arrays are released when the handshake is completed. */
if (session->sslServer->arrays == NULL &&
session->sslClient->arrays == NULL) {
SetError(NO_SECURE_RENEGOTIATION, error, session, FATAL_ERROR_STATE);
return -1;
}
switch (type) {
case hello_verify_request:
Trace(GOT_HELLO_VERIFY_STR);
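Review bot: The new guard in DoHandShake returns the renegotiation error only when both `session->sslServer->arrays` and `session->sslClient->arrays` are NULL, yet the handlers dispatched below use each side separately (the ProcessClientKeyExchange hunk above writes `session->sslServer->arrays->preMasterSz`). If the two can be released independently, which these hunks do not show, `||` is the safe condition: `if (session->sslServer->arrays == NULL || session->sslClient->arrays == NULL) {`. Also confirm that the position of the new `msgTable` string matches the numeric value of `NO_SECURE_RENEGOTIATION`, which is defined outside this view. DoHandShake's body continues past the hunk.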

125
src/ssl.c

@@ -36,6 +36,8 @@
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) || \
defined(WOLFSSL_KEY_GEN)
#include <wolfssl/openssl/evp.h>
/* openssl headers end, wolfssl internal headers next */
#include <wolfssl/wolfcrypt/wc_encrypt.h>
#endif
#ifdef OPENSSL_EXTRA
@@ -1763,7 +1765,7 @@ int wolfSSL_set_group_messages(WOLFSSL* ssl)
static int SetMinVersionHelper(byte* minVersion, int version)
{
switch (version) {
#ifndef NO_OLD_TLS
#if defined(WOLFSSL_ALLOW_SSLV3) && !defined(NO_OLD_TLS)
case WOLFSSL_SSLV3:
*minVersion = SSLv3_MINOR;
break;
@@ -1834,7 +1836,7 @@ int wolfSSL_SetVersion(WOLFSSL* ssl, int version)
}
switch (version) {
#ifndef NO_OLD_TLS
#if defined(WOLFSSL_ALLOW_SSLV3) && !defined(NO_OLD_TLS)
case WOLFSSL_SSLV3:
ssl->version = MakeSSLv3();
break;
@@ -3024,16 +3026,16 @@ static int ProcessChainBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
static INLINE WOLFSSL_METHOD* cm_pick_method(void)
{
#ifndef NO_WOLFSSL_CLIENT
#ifdef NO_OLD_TLS
return wolfTLSv1_2_client_method();
#else
#if defined(WOLFSSL_ALLOW_SSLV3) && !defined(NO_OLD_TLS)
return wolfSSLv3_client_method();
#else
return wolfTLSv1_2_client_method();
#endif
#elif !defined(NO_WOLFSSL_SERVER)
#ifdef NO_OLD_TLS
return wolfTLSv1_2_server_method();
#else
#if defined(WOLFSSL_ALLOW_SSLV3) && !defined(NO_OLD_TLS)
return wolfSSLv3_server_method();
#else
return wolfTLSv1_2_server_method();
#endif
#else
return NULL;
@@ -5333,7 +5335,7 @@ int wolfSSL_dtls_got_timeout(WOLFSSL* ssl)
/* client only parts */
#ifndef NO_WOLFSSL_CLIENT
#ifndef NO_OLD_TLS
#if defined(WOLFSSL_ALLOW_SSLV3) && !defined(NO_OLD_TLS)
WOLFSSL_METHOD* wolfSSLv3_client_method(void)
{
WOLFSSL_METHOD* method =
@@ -5621,7 +5623,7 @@ int wolfSSL_dtls_got_timeout(WOLFSSL* ssl)
/* server only parts */
#ifndef NO_WOLFSSL_SERVER
#ifndef NO_OLD_TLS
#if defined(WOLFSSL_ALLOW_SSLV3) && !defined(NO_OLD_TLS)
WOLFSSL_METHOD* wolfSSLv3_server_method(void)
{
WOLFSSL_METHOD* method =
@@ -10918,7 +10920,7 @@ int wolfSSL_cmp_peer_cert_to_file(WOLFSSL* ssl, const char *fname)
#endif
static RNG globalRNG;
static WC_RNG globalRNG;
static int initGlobalRNG = 0;
/* SSL_SUCCESS on ok */
@@ -10947,17 +10949,17 @@ int wolfSSL_RAND_bytes(unsigned char* buf, int num)
{
int ret = 0;
int initTmpRng = 0;
RNG* rng = NULL;
WC_RNG* rng = NULL;
#ifdef WOLFSSL_SMALL_STACK
RNG* tmpRNG = NULL;
WC_RNG* tmpRNG = NULL;
#else
RNG tmpRNG[1];
WC_RNG tmpRNG[1];
#endif
WOLFSSL_ENTER("wolfSSL_RAND_bytes");
#ifdef WOLFSSL_SMALL_STACK
tmpRNG = (RNG*)XMALLOC(sizeof(RNG), NULL, DYNAMIC_TYPE_TMP_BUFFER);
tmpRNG = (WC_RNG*)XMALLOC(sizeof(WC_RNG), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (tmpRNG == NULL)
return ret;
#endif
@@ -11283,12 +11285,12 @@ int wolfSSL_BN_rand(WOLFSSL_BIGNUM* bn, int bits, int top, int bottom)
int ret = 0;
int len = bits / 8;
int initTmpRng = 0;
RNG* rng = NULL;
WC_RNG* rng = NULL;
#ifdef WOLFSSL_SMALL_STACK
RNG* tmpRNG = NULL;
WC_RNG* tmpRNG = NULL;
byte* buff = NULL;
#else
RNG tmpRNG[1];
WC_RNG tmpRNG[1];
byte buff[1024];
#endif
@@ -11301,7 +11303,7 @@ int wolfSSL_BN_rand(WOLFSSL_BIGNUM* bn, int bits, int top, int bottom)
#ifdef WOLFSSL_SMALL_STACK
buff = (byte*)XMALLOC(1024, NULL, DYNAMIC_TYPE_TMP_BUFFER);
tmpRNG = (RNG*) XMALLOC(sizeof(RNG), NULL, DYNAMIC_TYPE_TMP_BUFFER);
tmpRNG = (WC_RNG*) XMALLOC(sizeof(WC_RNG), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (buff == NULL || tmpRNG == NULL) {
XFREE(buff, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(tmpRNG, NULL, DYNAMIC_TYPE_TMP_BUFFER);
@@ -11924,21 +11926,21 @@ int wolfSSL_DH_generate_key(WOLFSSL_DH* dh)
word32 pubSz = 768;
word32 privSz = 768;
int initTmpRng = 0;
RNG* rng = NULL;
WC_RNG* rng = NULL;
#ifdef WOLFSSL_SMALL_STACK
unsigned char* pub = NULL;
unsigned char* priv = NULL;
RNG* tmpRNG = NULL;
WC_RNG* tmpRNG = NULL;
#else
unsigned char pub [768];
unsigned char priv[768];
RNG tmpRNG[1];
WC_RNG tmpRNG[1];
#endif
WOLFSSL_MSG("wolfSSL_DH_generate_key");
#ifdef WOLFSSL_SMALL_STACK
tmpRNG = (RNG*)XMALLOC(sizeof(RNG), NULL, DYNAMIC_TYPE_TMP_BUFFER);
tmpRNG = (WC_RNG*)XMALLOC(sizeof(WC_RNG), NULL, DYNAMIC_TYPE_TMP_BUFFER);
pub = (unsigned char*)XMALLOC(pubSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
priv = (unsigned char*)XMALLOC(privSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
@@ -12515,11 +12517,12 @@ int wolfSSL_RSA_generate_key_ex(WOLFSSL_RSA* rsa, int bits, WOLFSSL_BIGNUM* bn,
(void)cb;
(void)bn;
(void)bits;
WOLFSSL_ENTER("wolfSSL_RSA_generate_key_ex");
if (rsa == NULL || rsa->internal == NULL ||
bits < RSA_MIN_SIZE || bits > RSA_MAX_SIZE) {
if (rsa == NULL || rsa->internal == NULL) {
/* bit size checked during make key call */
WOLFSSL_MSG("bad arguments");
return SSL_FAILURE;
}
@@ -12527,13 +12530,13 @@ int wolfSSL_RSA_generate_key_ex(WOLFSSL_RSA* rsa, int bits, WOLFSSL_BIGNUM* bn,
#ifdef WOLFSSL_KEY_GEN
{
#ifdef WOLFSSL_SMALL_STACK
RNG* rng = NULL;
WC_RNG* rng = NULL;
#else
RNG rng[1];
WC_RNG rng[1];
#endif
#ifdef WOLFSSL_SMALL_STACK
rng = (RNG*)XMALLOC(sizeof(RNG), NULL, DYNAMIC_TYPE_TMP_BUFFER);
rng = (WC_RNG*)XMALLOC(sizeof(WC_RNG), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (rng == NULL)
return SSL_FAILURE;
#endif
@@ -12648,15 +12651,15 @@ int wolfSSL_DSA_generate_key(WOLFSSL_DSA* dsa)
#ifdef WOLFSSL_KEY_GEN
{
int initTmpRng = 0;
RNG *rng = NULL;
WC_RNG *rng = NULL;
#ifdef WOLFSSL_SMALL_STACK
RNG *tmpRNG = NULL;
WC_RNG *tmpRNG = NULL;
#else
RNG tmpRNG[1];
WC_RNG tmpRNG[1];
#endif
#ifdef WOLFSSL_SMALL_STACK
tmpRNG = (RNG*)XMALLOC(sizeof(RNG), NULL, DYNAMIC_TYPE_TMP_BUFFER);
tmpRNG = (WC_RNG*)XMALLOC(sizeof(WC_RNG), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (tmpRNG == NULL)
return SSL_FATAL_ERROR;
#endif
@@ -12721,15 +12724,15 @@ int wolfSSL_DSA_generate_parameters_ex(WOLFSSL_DSA* dsa, int bits,
#ifdef WOLFSSL_KEY_GEN
{
int initTmpRng = 0;
RNG *rng = NULL;
WC_RNG *rng = NULL;
#ifdef WOLFSSL_SMALL_STACK
RNG *tmpRNG = NULL;
WC_RNG *tmpRNG = NULL;
#else
RNG tmpRNG[1];
WC_RNG tmpRNG[1];
#endif
#ifdef WOLFSSL_SMALL_STACK
tmpRNG = (RNG*)XMALLOC(sizeof(RNG), NULL, DYNAMIC_TYPE_TMP_BUFFER);
tmpRNG = (WC_RNG*)XMALLOC(sizeof(WC_RNG), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (tmpRNG == NULL)
return SSL_FATAL_ERROR;
#endif
@@ -12775,11 +12778,11 @@ int wolfSSL_DSA_do_sign(const unsigned char* d, unsigned char* sigRet,
{
int ret = SSL_FATAL_ERROR;
int initTmpRng = 0;
RNG* rng = NULL;
WC_RNG* rng = NULL;
#ifdef WOLFSSL_SMALL_STACK
RNG* tmpRNG = NULL;
WC_RNG* tmpRNG = NULL;
#else
RNG tmpRNG[1];
WC_RNG tmpRNG[1];
#endif
WOLFSSL_ENTER("wolfSSL_DSA_do_sign");
@@ -12800,7 +12803,7 @@ int wolfSSL_DSA_do_sign(const unsigned char* d, unsigned char* sigRet,
}
#ifdef WOLFSSL_SMALL_STACK
tmpRNG = (RNG*)XMALLOC(sizeof(RNG), NULL, DYNAMIC_TYPE_TMP_BUFFER);
tmpRNG = (WC_RNG*)XMALLOC(sizeof(WC_RNG), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (tmpRNG == NULL)
return SSL_FATAL_ERROR;
#endif
@@ -12875,13 +12878,13 @@ int wolfSSL_RSA_sign(int type, const unsigned char* m,
word32 outLen;
word32 signSz;
int initTmpRng = 0;
RNG* rng = NULL;
WC_RNG* rng = NULL;
int ret = 0;
#ifdef WOLFSSL_SMALL_STACK
RNG* tmpRNG = NULL;
WC_RNG* tmpRNG = NULL;
byte* encodedSig = NULL;
#else
RNG tmpRNG[1];
WC_RNG tmpRNG[1];
byte encodedSig[MAX_ENCODED_SIG_SZ];
#endif
@@ -12910,7 +12913,7 @@ int wolfSSL_RSA_sign(int type, const unsigned char* m,
outLen = (word32)wolfSSL_BN_num_bytes(rsa->n);
#ifdef WOLFSSL_SMALL_STACK
tmpRNG = (RNG*)XMALLOC(sizeof(RNG), NULL, DYNAMIC_TYPE_TMP_BUFFER);
tmpRNG = (WC_RNG*)XMALLOC(sizeof(WC_RNG), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (tmpRNG == NULL)
return 0;
@@ -14022,11 +14025,11 @@ int wolfSSL_EC_KEY_set_group(WOLFSSL_EC_KEY *key, WOLFSSL_EC_GROUP *group)
int wolfSSL_EC_KEY_generate_key(WOLFSSL_EC_KEY *key)
{
int initTmpRng = 0;
RNG* rng = NULL;
WC_RNG* rng = NULL;
#ifdef WOLFSSL_SMALL_STACK
RNG* tmpRNG = NULL;
WC_RNG* tmpRNG = NULL;
#else
RNG tmpRNG[1];
WC_RNG tmpRNG[1];
#endif
WOLFSSL_ENTER("wolfSSL_EC_KEY_generate_key");
@@ -14038,7 +14041,7 @@ int wolfSSL_EC_KEY_generate_key(WOLFSSL_EC_KEY *key)
}
#ifdef WOLFSSL_SMALL_STACK
tmpRNG = (RNG*)XMALLOC(sizeof(RNG), NULL, DYNAMIC_TYPE_TMP_BUFFER);
tmpRNG = (WC_RNG*)XMALLOC(sizeof(WC_RNG), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (tmpRNG == NULL)
return 0;
#endif
@@ -14657,11 +14660,11 @@ WOLFSSL_ECDSA_SIG *wolfSSL_ECDSA_do_sign(const unsigned char *d, int dlen,
{
WOLFSSL_ECDSA_SIG *sig = NULL;
int initTmpRng = 0;
RNG* rng = NULL;
WC_RNG* rng = NULL;
#ifdef WOLFSSL_SMALL_STACK
RNG* tmpRNG = NULL;
WC_RNG* tmpRNG = NULL;
#else
RNG tmpRNG[1];
WC_RNG tmpRNG[1];
#endif
WOLFSSL_ENTER("wolfSSL_ECDSA_do_sign");
@@ -14683,7 +14686,7 @@ WOLFSSL_ECDSA_SIG *wolfSSL_ECDSA_do_sign(const unsigned char *d, int dlen,
}
#ifdef WOLFSSL_SMALL_STACK
tmpRNG = (RNG*)XMALLOC(sizeof(RNG), NULL, DYNAMIC_TYPE_TMP_BUFFER);
tmpRNG = (WC_RNG*)XMALLOC(sizeof(WC_RNG), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (tmpRNG == NULL)
return NULL;
#endif
@@ -15484,7 +15487,7 @@ int wolfSSL_get_chain_cert_pem(WOLFSSL_X509_CHAIN* chain, int idx,
word32 szNeeded = 0;
WOLFSSL_ENTER("wolfSSL_get_chain_cert_pem");
if (!chain || !outLen)
if (!chain || !outLen || idx < 0 || idx >= wolfSSL_get_chain_count(chain))
return BAD_FUNC_ARG;
/* Null output buffer return size needed in outLen */
@@ -16344,11 +16347,11 @@ int wolfSSL_EC25519_generate_key(unsigned char *priv, unsigned int *privSz,
#else /* WOLFSSL_KEY_GEN */
int ret = SSL_FAILURE;
int initTmpRng = 0;
RNG *rng = NULL;
WC_RNG *rng = NULL;
#ifdef WOLFSSL_SMALL_STACK
RNG *tmpRNG = NULL;
WC_RNG *tmpRNG = NULL;
#else
RNG tmpRNG[1];
WC_RNG tmpRNG[1];
#endif
WOLFSSL_ENTER("wolfSSL_EC25519_generate_key");
@@ -16360,7 +16363,7 @@ int wolfSSL_EC25519_generate_key(unsigned char *priv, unsigned int *privSz,
}
#ifdef WOLFSSL_SMALL_STACK
tmpRNG = (RNG*)XMALLOC(sizeof(RNG), NULL, DYNAMIC_TYPE_TMP_BUFFER);
tmpRNG = (WC_RNG*)XMALLOC(sizeof(WC_RNG), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (tmpRNG == NULL)
return SSL_FAILURE;
#endif
@@ -16482,11 +16485,11 @@ int wolfSSL_ED25519_generate_key(unsigned char *priv, unsigned int *privSz,
#else /* WOLFSSL_KEY_GEN */
int ret = SSL_FAILURE;
int initTmpRng = 0;
RNG *rng = NULL;
WC_RNG *rng = NULL;
#ifdef WOLFSSL_SMALL_STACK
RNG *tmpRNG = NULL;
WC_RNG *tmpRNG = NULL;
#else
RNG tmpRNG[1];
WC_RNG tmpRNG[1];
#endif
WOLFSSL_ENTER("wolfSSL_ED25519_generate_key");
@@ -16498,7 +16501,7 @@ int wolfSSL_ED25519_generate_key(unsigned char *priv, unsigned int *privSz,
}
#ifdef WOLFSSL_SMALL_STACK
tmpRNG = (RNG*)XMALLOC(sizeof(RNG), NULL, DYNAMIC_TYPE_TMP_BUFFER);
tmpRNG = (WC_RNG*)XMALLOC(sizeof(WC_RNG), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (tmpRNG == NULL)
return SSL_FATAL_ERROR;
#endif


@@ -310,7 +310,7 @@ static int PRF(byte* digest, word32 digLen, const byte* secret, word32 secLen,
/* If a cipher suite wants an algorithm better than sha256, it
* should use better. */
if (hash_type < sha256_mac)
if (hash_type < sha256_mac || hash_type == blake2b_mac)
hash_type = sha256_mac;
ret = p_hash(digest, digLen, secret, secLen, labelSeed,
labLen + seedLen, hash_type);
@@ -350,7 +350,7 @@ int BuildTlsFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
if (IsAtLeastTLSv1_2(ssl)) {
#ifndef NO_SHA256
if (ssl->specs.mac_algorithm <= sha256_mac) {
if (ssl->specs.mac_algorithm <= sha256_mac || ssl->specs.mac_algorithm == blake2b_mac) {
int ret = wc_Sha256GetHash(&ssl->hsHashes->hashSha256,handshake_hash);
if (ret != 0)
@@ -2058,7 +2058,7 @@ int TLSX_UseSessionTicket(TLSX** extensions, SessionTicket* ticket)
#ifdef HAVE_QSH
static RNG* rng;
static WC_RNG* rng;
static wolfSSL_Mutex* rngMutex;
static void TLSX_QSH_FreeAll(QSHScheme* list)
@@ -2841,7 +2841,7 @@ static word32 GetEntropy(unsigned char* out, word32 num_bytes)
int ret = 0;
if (rng == NULL) {
if ((rng = XMALLOC(sizeof(RNG), 0, DYNAMIC_TYPE_TLSX)) == NULL)
if ((rng = XMALLOC(sizeof(WC_RNG), 0, DYNAMIC_TYPE_TLSX)) == NULL)
return DRBG_OUT_OF_MEMORY;
wc_InitRng(rng);
}
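Review bot: In the GetEntropy hunk the return value of `wc_InitRng(rng)` is discarded, so a failed initialisation leaves the static `rng` pointer non-NULL. Later calls then skip the `if (rng == NULL)` branch and presumably draw entropy for the QSH key exchange from a generator that was never seeded. The call should be checked, `if (wc_InitRng(rng) != 0) {` followed by `XFREE(rng, 0, DYNAMIC_TYPE_TLSX); rng = NULL;` and a non-success DRBG return. The rest of GetEntropy lies outside the hunk, so how `rng` is used afterwards and whether `rngMutex` covers this lazy initialisation should be confirmed there.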


@@ -5,6 +5,6 @@ includedir=${prefix}/include
Name: wolfssl
Description: wolfssl C library.
Version: 3.6.2
Version: 3.6.3
Libs: -L${libdir} -lwolfssl
Cflags: -I${includedir}


@@ -27,7 +27,7 @@
/* defn adds */
char* wolfSSL_error_string(int err);
int wolfSSL_swig_connect(WOLFSSL*, const char* server, int port);
RNG* GetRng(void);
WC_RNG* GetRng(void);
RsaKey* GetRsaPrivateKey(const char* file);
void FillSignStr(unsigned char*, const char*, int);
%}
@@ -44,11 +44,11 @@ int wolfSSL_Init(void);
char* wolfSSL_error_string(int);
int wolfSSL_swig_connect(WOLFSSL*, const char* server, int port);
int wc_RsaSSL_Sign(const unsigned char* in, int inLen, unsigned char* out, int outLen, RsaKey* key, RNG* rng);
int wc_RsaSSL_Sign(const unsigned char* in, int inLen, unsigned char* out, int outLen, RsaKey* key, WC_RNG* rng);
int wc_RsaSSL_Verify(const unsigned char* in, int inLen, unsigned char* out, int outLen, RsaKey* key);
RNG* GetRng(void);
WC_RNG* GetRng(void);
RsaKey* GetRsaPrivateKey(const char* file);
void FillSignStr(unsigned char*, const char*, int);


@@ -182,9 +182,9 @@ char* wolfSSL_error_string(int err)
}
RNG* GetRng(void)
WC_RNG* GetRng(void)
{
RNG* rng = (RNG*)malloc(sizeof(RNG));
WC_RNG* rng = (WC_RNG*)malloc(sizeof(WC_RNG));
if (rng)
if (wc_InitRng(rng) != 0) {


@@ -0,0 +1,4 @@
suites.c is a dynamicically written program where new test cases can be written
and added to as needed. When creating a new configure file for a test be sure
to use the exact formatting as the existing configure files. Reference test.conf
for an example.

1
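--- a/tests/README
+++ b/tests/README
@@ -0,0 +1 @@
+Before creating any new configure files (.conf) read the CONF_FILES_README.md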


@@ -101,8 +101,10 @@ static void test_wolfSSL_Method_Allocators(void)
TEST_METHOD_ALLOCATOR(a, AssertNull)
#ifndef NO_OLD_TLS
#ifdef WOLFSSL_ALLOW_SSLV3
TEST_VALID_METHOD_ALLOCATOR(wolfSSLv3_server_method);
TEST_VALID_METHOD_ALLOCATOR(wolfSSLv3_client_method);
#endif
TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_server_method);
TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_client_method);
TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_1_server_method);


@@ -11,6 +11,7 @@ tests_unit_test_SOURCES = \
tests/api.c \
tests/suites.c \
tests/hash.c \
tests/srp.c \
examples/client/client.c \
examples/server/server.c
tests_unit_test_CFLAGS = -DNO_MAIN_DRIVER $(AM_CFLAGS)
@@ -19,5 +20,7 @@ tests_unit_test_DEPENDENCIES = src/libwolfssl.la
endif
EXTRA_DIST += tests/unit.h
EXTRA_DIST += tests/test.conf \
tests/test-qsh.conf \
tests/test-psk-no-id.conf \
tests/test-dtls.conf
DISTCLEANFILES+= tests/.libs/unit.test

696
tests/srp.c Normal file
View File

@@ -0,0 +1,696 @@
/* srp.c SRP unit tests
*
* Copyright (C) 2006-2015 wolfSSL Inc.
*
* This file is part of wolfSSL. (formerly known as CyaSSL)
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU Geteral Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Geteral Public License for more details.
*
* You should have received a copy of the GNU Geteral Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <wolfssl/wolfcrypt/settings.h>
#include <tests/unit.h>
#include <wolfssl/wolfcrypt/sha512.h>
#include <wolfssl/wolfcrypt/srp.h>
#ifdef WOLFCRYPT_HAVE_SRP
static byte username[] = "user";
static word32 usernameSz = 4;
static byte password[] = "password";
static word32 passwordSz = 8;
static byte N[] = {
0xD4, 0xC7, 0xF8, 0xA2, 0xB3, 0x2C, 0x11, 0xB8, 0xFB, 0xA9, 0x58, 0x1E,
0xC4, 0xBA, 0x4F, 0x1B, 0x04, 0x21, 0x56, 0x42, 0xEF, 0x73, 0x55, 0xE3,
0x7C, 0x0F, 0xC0, 0x44, 0x3E, 0xF7, 0x56, 0xEA, 0x2C, 0x6B, 0x8E, 0xEB,
0x75, 0x5A, 0x1C, 0x72, 0x30, 0x27, 0x66, 0x3C, 0xAA, 0x26, 0x5E, 0xF7,
0x85, 0xB8, 0xFF, 0x6A, 0x9B, 0x35, 0x22, 0x7A, 0x52, 0xD8, 0x66, 0x33,
0xDB, 0xDF, 0xCA, 0x43
};
static byte g[] = {
0x02
};
static byte salt[] = {
0x80, 0x66, 0x61, 0x5B, 0x7D, 0x33, 0xA2, 0x2E, 0x79, 0x18
};
static byte verifier[] = {
0x24, 0x5F, 0xA5, 0x1B, 0x2A, 0x28, 0xF8, 0xFF, 0xE2, 0xA0, 0xF8, 0x61,
0x7B, 0x0F, 0x3C, 0x05, 0xD6, 0x4A, 0x55, 0xDF, 0x74, 0x31, 0x54, 0x47,
0xA1, 0xFA, 0x9D, 0x25, 0x7B, 0x02, 0x88, 0x0A, 0xE8, 0x5A, 0xBA, 0x8B,
0xA2, 0xD3, 0x8A, 0x62, 0x46, 0x8C, 0xEC, 0x52, 0xBE, 0xDE, 0xFC, 0x75,
0xF5, 0xDB, 0x9C, 0x8C, 0x9B, 0x34, 0x7A, 0xE7, 0x4A, 0x5F, 0xBB, 0x96,
0x38, 0x19, 0xAB, 0x24
};
static byte a[] = {
0x37, 0x95, 0xF2, 0xA6, 0xF1, 0x6F, 0x0D, 0x58, 0xBF, 0xED, 0x44, 0x87,
0xE0, 0xB6, 0xCC, 0x1C, 0xA0, 0x50, 0xC6, 0x61, 0xBB, 0x36, 0xE0, 0x9A,
0xF3, 0xF7, 0x1E, 0x7A, 0x61, 0x86, 0x5A, 0xF5
};
static byte A[] = {
0x8D, 0x28, 0xC5, 0x6A, 0x46, 0x5C, 0x82, 0xDB, 0xC7, 0xF6, 0x8B, 0x62,
0x1A, 0xAD, 0xA1, 0x76, 0x1B, 0x55, 0xFF, 0xAB, 0x10, 0x2F, 0xFF, 0x4A,
0xAA, 0x46, 0xAD, 0x33, 0x64, 0xDE, 0x28, 0x2E, 0x82, 0x7A, 0xBE, 0xEA,
0x32, 0xFC, 0xD6, 0x14, 0x01, 0x71, 0xE6, 0xC8, 0xC9, 0x53, 0x69, 0x55,
0xE1, 0xF8, 0x3D, 0xDD, 0xC7, 0xD5, 0x21, 0xCE, 0xFF, 0x17, 0xFC, 0x23,
0xBF, 0xCF, 0x2D, 0xB0
};
static byte b[] = {
0x2B, 0xDD, 0x30, 0x30, 0x53, 0xAF, 0xD8, 0x3A, 0xE7, 0xE0, 0x17, 0x82,
0x39, 0x44, 0x2C, 0xDB, 0x30, 0x88, 0x0F, 0xC8, 0x88, 0xC2, 0xB2, 0xC1,
0x78, 0x43, 0x2F, 0xD5, 0x60, 0xD4, 0xDA, 0x43
};
static byte B[] = {
0xB5, 0x80, 0x36, 0x7F, 0x50, 0x89, 0xC1, 0x04, 0x42, 0x98, 0xD7, 0x6A,
0x37, 0x8E, 0xF1, 0x81, 0x52, 0xC5, 0x7A, 0xA1, 0xD5, 0xB7, 0x66, 0x84,
0xA1, 0x3E, 0x32, 0x82, 0x2B, 0x3A, 0xB5, 0xD7, 0x3D, 0x50, 0xF1, 0x58,
0xBD, 0x89, 0x75, 0xC7, 0x51, 0xCF, 0x6C, 0x03, 0xD4, 0xCA, 0xD5, 0x6E,
0x97, 0x4D, 0xA3, 0x1E, 0x19, 0x0B, 0xF0, 0xAA, 0x7D, 0x14, 0x90, 0x80,
0x0E, 0xC7, 0x92, 0xAD
};
static byte key[] = {
0x66, 0x00, 0x9D, 0x58, 0xB3, 0xD2, 0x0D, 0x4B, 0x69, 0x7F, 0xCF, 0x48,
0xFF, 0x8F, 0x15, 0x81, 0x4C, 0x4B, 0xFE, 0x9D, 0x85, 0x77, 0x88, 0x60,
0x1D, 0x1E, 0x51, 0xCF, 0x75, 0xCC, 0x58, 0x00, 0xE7, 0x8D, 0x22, 0x87,
0x13, 0x6C, 0x88, 0x55
};
static byte client_proof[] = {
0x0D, 0x49, 0xE1, 0x9C, 0x3A, 0x88, 0x43, 0x15, 0x45, 0xA8, 0xAC, 0xAB,
0xEA, 0x15, 0x1A, 0xEE, 0xF9, 0x38, 0x4D, 0x21
};
static byte server_proof[] = {
0xBD, 0xB1, 0x20, 0x70, 0x46, 0xC9, 0xD6, 0xCC, 0xE2, 0x1D, 0x75, 0xA2,
0xD0, 0xAF, 0xC5, 0xBC, 0xAE, 0x12, 0xFC, 0x75
};
static void test_SrpInit(void)
{
Srp srp;
/* invalid params */
AssertIntEQ(BAD_FUNC_ARG, wc_SrpInit(NULL, SRP_TYPE_SHA, SRP_CLIENT_SIDE));
AssertIntEQ(BAD_FUNC_ARG, wc_SrpInit(&srp, 255, SRP_CLIENT_SIDE));
AssertIntEQ(BAD_FUNC_ARG, wc_SrpInit(&srp, SRP_TYPE_SHA, 255 ));
/* success */
AssertIntEQ(0, wc_SrpInit(&srp, SRP_TYPE_SHA, SRP_CLIENT_SIDE));
wc_SrpTerm(&srp);
}
static void test_SrpSetUsername(void)
{
Srp srp;
AssertIntEQ(0, wc_SrpInit(&srp, SRP_TYPE_SHA, SRP_CLIENT_SIDE));
/* invalid params */
AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetUsername(NULL, username, usernameSz));
AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetUsername(&srp, NULL, usernameSz));
/* success */
AssertIntEQ(0, wc_SrpSetUsername(&srp, username, usernameSz));
AssertIntEQ((int) usernameSz, srp.userSz);
AssertIntEQ(0, XMEMCMP(srp.user, username, usernameSz));
wc_SrpTerm(&srp);
}
static void test_SrpSetParams(void)
{
Srp srp;
AssertIntEQ(0, wc_SrpInit(&srp, SRP_TYPE_SHA, SRP_CLIENT_SIDE));
/* invalid call order */
AssertIntEQ(SRP_CALL_ORDER_E, wc_SrpSetParams(&srp, N, sizeof(N),
g, sizeof(g),
salt, sizeof(salt)));
/* fix call order */
AssertIntEQ(0, wc_SrpSetUsername(&srp, username, usernameSz));
/* invalid params */
AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetParams(NULL, N, sizeof(N),
g, sizeof(g),
salt, sizeof(salt)));
AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetParams(&srp, NULL, sizeof(N),
g, sizeof(g),
salt, sizeof(salt)));
AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetParams(&srp, N, sizeof(N),
NULL, sizeof(g),
salt, sizeof(salt)));
AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetParams(&srp, N, sizeof(N),
g, sizeof(g),
NULL, sizeof(salt)));
/* success */
AssertIntEQ(0, wc_SrpSetParams(&srp, N, sizeof(N),
g, sizeof(g),
salt, sizeof(salt)));
AssertIntEQ(sizeof(salt), srp.saltSz);
AssertIntEQ(0, XMEMCMP(srp.salt, salt, srp.saltSz));
wc_SrpTerm(&srp);
}
static void test_SrpSetPassword(void)
{
Srp srp;
byte v[64];
word32 vSz = 0;
AssertIntEQ(0, wc_SrpInit(&srp, SRP_TYPE_SHA, SRP_CLIENT_SIDE));
AssertIntEQ(0, wc_SrpSetUsername(&srp, username, usernameSz));
/* invalid call order */
AssertIntEQ(SRP_CALL_ORDER_E,
wc_SrpSetPassword(&srp, password, passwordSz));
AssertIntEQ(SRP_CALL_ORDER_E,
wc_SrpGetVerifier(&srp, v, &vSz));
/* fix call order */
AssertIntEQ(0, wc_SrpSetParams(&srp, N, sizeof(N),
g, sizeof(g),
salt, sizeof(salt)));
/* invalid params */
AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetPassword(NULL, password, passwordSz));
AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetPassword(&srp, NULL, passwordSz));
/* success */
AssertIntEQ(0, wc_SrpSetPassword(&srp, password, passwordSz));
/* invalid params */
AssertIntEQ(BAD_FUNC_ARG, wc_SrpGetVerifier(NULL, v, &vSz));
AssertIntEQ(BAD_FUNC_ARG, wc_SrpGetVerifier(&srp, NULL, &vSz));
AssertIntEQ(BUFFER_E, wc_SrpGetVerifier(&srp, v, &vSz));
/* success */
vSz = sizeof(v);
AssertIntEQ(0, wc_SrpGetVerifier(&srp, v, &vSz));
AssertIntEQ(vSz, sizeof(verifier));
AssertIntEQ(0, XMEMCMP(verifier, v, vSz));
/* invalid params - client side srp */
AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetVerifier(&srp, v, vSz));
wc_SrpTerm(&srp);
AssertIntEQ(0, wc_SrpInit(&srp, SRP_TYPE_SHA, SRP_SERVER_SIDE));
/* invalid params */
AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetVerifier(NULL, v, vSz));
AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetVerifier(&srp, NULL, vSz));
/* success */
AssertIntEQ(0, wc_SrpSetVerifier(&srp, v, vSz));
wc_SrpTerm(&srp);
}
static void test_SrpGetPublic(void)
{
Srp srp;
byte public[64];
word32 publicSz = 0;
AssertIntEQ(0, wc_SrpInit(&srp, SRP_TYPE_SHA, SRP_CLIENT_SIDE));
AssertIntEQ(0, wc_SrpSetUsername(&srp, username, usernameSz));
AssertIntEQ(0, wc_SrpSetParams(&srp, N, sizeof(N),
g, sizeof(g),
salt, sizeof(salt)));
/* invalid call order */
AssertIntEQ(SRP_CALL_ORDER_E, wc_SrpGetPublic(&srp, public, &publicSz));
/* fix call order */
AssertIntEQ(0, wc_SrpSetPassword(&srp, password, passwordSz));
/* invalid params */
AssertIntEQ(BAD_FUNC_ARG, wc_SrpGetPublic(NULL, public, &publicSz));
AssertIntEQ(BAD_FUNC_ARG, wc_SrpGetPublic(&srp, NULL, &publicSz));
AssertIntEQ(BAD_FUNC_ARG, wc_SrpGetPublic(&srp, public, NULL));
AssertIntEQ(BUFFER_E, wc_SrpGetPublic(&srp, public, &publicSz));
/* success */
publicSz = sizeof(public);
AssertIntEQ(0, wc_SrpSetPrivate(&srp, a, sizeof(a)));
AssertIntEQ(0, wc_SrpGetPublic(&srp, public, &publicSz));
AssertIntEQ(publicSz, sizeof(A));
AssertIntEQ(0, XMEMCMP(public, A, publicSz));
wc_SrpTerm(&srp);
AssertIntEQ(0, wc_SrpInit(&srp, SRP_TYPE_SHA, SRP_SERVER_SIDE));
AssertIntEQ(0, wc_SrpSetUsername(&srp, username, usernameSz));
AssertIntEQ(0, wc_SrpSetParams(&srp, N, sizeof(N),
g, sizeof(g),
salt, sizeof(salt)));
/* invalid call order */
AssertIntEQ(SRP_CALL_ORDER_E, wc_SrpGetPublic(&srp, public, &publicSz));
/* fix call order */
AssertIntEQ(0, wc_SrpSetVerifier(&srp, verifier, sizeof(verifier)));
/* success */
AssertIntEQ(0, wc_SrpSetPrivate(&srp, b, sizeof(b)));
AssertIntEQ(0, wc_SrpGetPublic(&srp, public, &publicSz));
AssertIntEQ(publicSz, sizeof(B));
AssertIntEQ(0, XMEMCMP(public, B, publicSz));
wc_SrpTerm(&srp);
}
static void test_SrpComputeKey(void)
{
Srp cli, srv;
byte clientPubKey[64];
byte serverPubKey[64];
word32 clientPubKeySz = 64;
word32 serverPubKeySz = 64;
AssertIntEQ(0, wc_SrpInit(&cli, SRP_TYPE_SHA, SRP_CLIENT_SIDE));
AssertIntEQ(0, wc_SrpInit(&srv, SRP_TYPE_SHA, SRP_SERVER_SIDE));
/* invalid call order */
AssertIntEQ(SRP_CALL_ORDER_E, wc_SrpComputeKey(&cli,
clientPubKey, clientPubKeySz,
serverPubKey, serverPubKeySz));
/* fix call order */
AssertIntEQ(0, wc_SrpSetUsername(&cli, username, usernameSz));
AssertIntEQ(0, wc_SrpSetUsername(&srv, username, usernameSz));
AssertIntEQ(0, wc_SrpSetParams(&cli, N, sizeof(N),
g, sizeof(g),
salt, sizeof(salt)));
AssertIntEQ(0, wc_SrpSetParams(&srv, N, sizeof(N),
g, sizeof(g),
salt, sizeof(salt)));
AssertIntEQ(0, wc_SrpSetPassword(&cli, password, passwordSz));
AssertIntEQ(0, wc_SrpSetVerifier(&srv, verifier, sizeof(verifier)));
AssertIntEQ(0, wc_SrpSetPrivate(&cli, a, sizeof(a)));
AssertIntEQ(0, wc_SrpGetPublic(&cli, clientPubKey, &clientPubKeySz));
AssertIntEQ(0, XMEMCMP(clientPubKey, A, clientPubKeySz));
AssertIntEQ(0, wc_SrpSetPrivate(&srv, b, sizeof(b)));
AssertIntEQ(0, wc_SrpGetPublic(&srv, serverPubKey, &serverPubKeySz));
AssertIntEQ(0, XMEMCMP(serverPubKey, B, serverPubKeySz));
/* invalid params */
AssertIntEQ(BAD_FUNC_ARG, wc_SrpComputeKey(NULL,
clientPubKey, clientPubKeySz,
serverPubKey, serverPubKeySz));
AssertIntEQ(BAD_FUNC_ARG, wc_SrpComputeKey(&cli,
NULL, clientPubKeySz,
serverPubKey, serverPubKeySz));
AssertIntEQ(BAD_FUNC_ARG, wc_SrpComputeKey(&cli,
clientPubKey, 0,
serverPubKey, serverPubKeySz));
AssertIntEQ(BAD_FUNC_ARG, wc_SrpComputeKey(&cli,
clientPubKey, clientPubKeySz,
NULL, serverPubKeySz));
AssertIntEQ(BAD_FUNC_ARG, wc_SrpComputeKey(&cli,
clientPubKey, clientPubKeySz,
serverPubKey, 0));
/* success */
AssertIntEQ(0, wc_SrpComputeKey(&cli, clientPubKey, clientPubKeySz,
serverPubKey, serverPubKeySz));
AssertIntEQ(0, wc_SrpComputeKey(&srv, clientPubKey, clientPubKeySz,
serverPubKey, serverPubKeySz));
AssertIntEQ(0, XMEMCMP(cli.key, key, sizeof(key)));
AssertIntEQ(0, XMEMCMP(srv.key, key, sizeof(key)));
wc_SrpTerm(&cli);
wc_SrpTerm(&srv);
}
static void test_SrpGetProofAndVerify(void)
{
Srp cli, srv;
byte clientPubKey[64];
byte serverPubKey[64];
word32 clientPubKeySz = 64;
word32 serverPubKeySz = 64;
byte clientProof[SRP_MAX_DIGEST_SIZE];
byte serverProof[SRP_MAX_DIGEST_SIZE];
word32 clientProofSz = SRP_MAX_DIGEST_SIZE;
word32 serverProofSz = SRP_MAX_DIGEST_SIZE;
AssertIntEQ(0, wc_SrpInit(&cli, SRP_TYPE_SHA, SRP_CLIENT_SIDE));
AssertIntEQ(0, wc_SrpInit(&srv, SRP_TYPE_SHA, SRP_SERVER_SIDE));
AssertIntEQ(0, wc_SrpSetUsername(&cli, username, usernameSz));
AssertIntEQ(0, wc_SrpSetUsername(&srv, username, usernameSz));
AssertIntEQ(0, wc_SrpSetParams(&cli, N, sizeof(N),
g, sizeof(g),
salt, sizeof(salt)));
AssertIntEQ(0, wc_SrpSetParams(&srv, N, sizeof(N),
g, sizeof(g),
salt, sizeof(salt)));
AssertIntEQ(0, wc_SrpSetPassword(&cli, password, passwordSz));
AssertIntEQ(0, wc_SrpSetVerifier(&srv, verifier, sizeof(verifier)));
AssertIntEQ(0, wc_SrpSetPrivate(&cli, a, sizeof(a)));
AssertIntEQ(0, wc_SrpGetPublic(&cli, clientPubKey, &clientPubKeySz));
AssertIntEQ(0, XMEMCMP(clientPubKey, A, clientPubKeySz));
AssertIntEQ(0, wc_SrpSetPrivate(&srv, b, sizeof(b)));
AssertIntEQ(0, wc_SrpGetPublic(&srv, serverPubKey, &serverPubKeySz));
AssertIntEQ(0, XMEMCMP(serverPubKey, B, serverPubKeySz));
AssertIntEQ(0, wc_SrpComputeKey(&cli, clientPubKey, clientPubKeySz,
serverPubKey, serverPubKeySz));
AssertIntEQ(0, XMEMCMP(cli.key, key, sizeof(key)));
AssertIntEQ(0, wc_SrpComputeKey(&srv, clientPubKey, clientPubKeySz,
serverPubKey, serverPubKeySz));
AssertIntEQ(0, XMEMCMP(srv.key, key, sizeof(key)));
/* invalid params */
serverProofSz = 0;
AssertIntEQ(BAD_FUNC_ARG, wc_SrpGetProof(NULL, clientProof,&clientProofSz));
AssertIntEQ(BAD_FUNC_ARG, wc_SrpGetProof(&cli, NULL, &clientProofSz));
AssertIntEQ(BAD_FUNC_ARG, wc_SrpGetProof(&cli, clientProof,NULL));
AssertIntEQ(BUFFER_E, wc_SrpGetProof(&srv, serverProof,&serverProofSz));
AssertIntEQ(BAD_FUNC_ARG,
wc_SrpVerifyPeersProof(NULL, clientProof, clientProofSz));
AssertIntEQ(BAD_FUNC_ARG,
wc_SrpVerifyPeersProof(&cli, NULL, clientProofSz));
AssertIntEQ(BUFFER_E,
wc_SrpVerifyPeersProof(&srv, serverProof, serverProofSz));
serverProofSz = SRP_MAX_DIGEST_SIZE;
/* success */
AssertIntEQ(0, wc_SrpGetProof(&cli, clientProof, &clientProofSz));
AssertIntEQ(0, XMEMCMP(clientProof, client_proof, sizeof(client_proof)));
AssertIntEQ(0, wc_SrpVerifyPeersProof(&srv, clientProof, clientProofSz));
AssertIntEQ(0, wc_SrpGetProof(&srv, serverProof, &serverProofSz));
AssertIntEQ(0, XMEMCMP(serverProof, server_proof, sizeof(server_proof)));
AssertIntEQ(0, wc_SrpVerifyPeersProof(&cli, serverProof, serverProofSz));
wc_SrpTerm(&cli);
wc_SrpTerm(&srv);
}
static int sha512_key_gen(Srp* srp, byte* secret, word32 size)
{
Sha512 hash;
int r;
srp->key = (byte*)XMALLOC(SHA512_DIGEST_SIZE, NULL, DYNAMIC_TYPE_SRP);
if (srp->key == NULL)
return MEMORY_E;
srp->keySz = SHA512_DIGEST_SIZE;
r = wc_InitSha512(&hash);
if (!r) r = wc_Sha512Update(&hash, secret, size);
if (!r) r = wc_Sha512Final(&hash, srp->key);
XMEMSET(&hash, 0, sizeof(Sha512));
return r;
}
static void test_SrpKeyGenFunc_cb(void)
{
Srp cli, srv;
byte clientPubKey[1024];
byte serverPubKey[1024];
word32 clientPubKeySz = 1024;
word32 serverPubKeySz = 1024;
byte clientProof[SRP_MAX_DIGEST_SIZE];
byte serverProof[SRP_MAX_DIGEST_SIZE];
word32 clientProofSz = SRP_MAX_DIGEST_SIZE;
word32 serverProofSz = SRP_MAX_DIGEST_SIZE;
byte username_[] = "alice";
word32 usernameSz_ = 5;
byte password_[] = "password123";
word32 passwordSz_ = 11;
byte N_[] = {
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2,
0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6,
0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D,
0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9,
0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11,
0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,
0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36,
0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56,
0x20, 0x85, 0x52, 0xBB, 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 0xF1, 0x74, 0x6C, 0x08,
0xCA, 0x18, 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,
0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, 0xA2,
0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9,
0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, 0x39, 0x95, 0x49, 0x7C,
0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,
0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, 0xAD, 0x33, 0x17, 0x0D,
0x04, 0x50, 0x7A, 0x33, 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64,
0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, 0x8A, 0xEA, 0x71, 0x57,
0x5D, 0x06, 0x0C, 0x7D, 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7,
0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, 0x1E, 0x8C, 0x94, 0xE0,
0x4A, 0x25, 0x61, 0x9D, 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B,
0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, 0xD8, 0x76, 0x02, 0x73,
0x3E, 0xC8, 0x6A, 0x64, 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C,
0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, 0x77, 0x09, 0x88, 0xC0,
0xBA, 0xD9, 0x46, 0xE2, 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31,
0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, 0x4B, 0x82, 0xD1, 0x20,
0xA9, 0x3A, 0xD2, 0xCA, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
};
byte g_[] = {
0x05
};
byte salt_[] = {
0xBE, 0xB2, 0x53, 0x79, 0xD1, 0xA8, 0x58, 0x1E, 0xB5, 0xA7, 0x27, 0x67,
0x3A, 0x24, 0x41, 0xEE
};
byte verifier_[] = {
0x9B, 0x5E, 0x06, 0x17, 0x01, 0xEA, 0x7A, 0xEB, 0x39, 0xCF, 0x6E, 0x35,
0x19, 0x65, 0x5A, 0x85, 0x3C, 0xF9, 0x4C, 0x75, 0xCA, 0xF2, 0x55, 0x5E,
0xF1, 0xFA, 0xF7, 0x59, 0xBB, 0x79, 0xCB, 0x47, 0x70, 0x14, 0xE0, 0x4A,
0x88, 0xD6, 0x8F, 0xFC, 0x05, 0x32, 0x38, 0x91, 0xD4, 0xC2, 0x05, 0xB8,
0xDE, 0x81, 0xC2, 0xF2, 0x03, 0xD8, 0xFA, 0xD1, 0xB2, 0x4D, 0x2C, 0x10,
0x97, 0x37, 0xF1, 0xBE, 0xBB, 0xD7, 0x1F, 0x91, 0x24, 0x47, 0xC4, 0xA0,
0x3C, 0x26, 0xB9, 0xFA, 0xD8, 0xED, 0xB3, 0xE7, 0x80, 0x77, 0x8E, 0x30,
0x25, 0x29, 0xED, 0x1E, 0xE1, 0x38, 0xCC, 0xFC, 0x36, 0xD4, 0xBA, 0x31,
0x3C, 0xC4, 0x8B, 0x14, 0xEA, 0x8C, 0x22, 0xA0, 0x18, 0x6B, 0x22, 0x2E,
0x65, 0x5F, 0x2D, 0xF5, 0x60, 0x3F, 0xD7, 0x5D, 0xF7, 0x6B, 0x3B, 0x08,
0xFF, 0x89, 0x50, 0x06, 0x9A, 0xDD, 0x03, 0xA7, 0x54, 0xEE, 0x4A, 0xE8,
0x85, 0x87, 0xCC, 0xE1, 0xBF, 0xDE, 0x36, 0x79, 0x4D, 0xBA, 0xE4, 0x59,
0x2B, 0x7B, 0x90, 0x4F, 0x44, 0x2B, 0x04, 0x1C, 0xB1, 0x7A, 0xEB, 0xAD,
0x1E, 0x3A, 0xEB, 0xE3, 0xCB, 0xE9, 0x9D, 0xE6, 0x5F, 0x4B, 0xB1, 0xFA,
0x00, 0xB0, 0xE7, 0xAF, 0x06, 0x86, 0x3D, 0xB5, 0x3B, 0x02, 0x25, 0x4E,
0xC6, 0x6E, 0x78, 0x1E, 0x3B, 0x62, 0xA8, 0x21, 0x2C, 0x86, 0xBE, 0xB0,
0xD5, 0x0B, 0x5B, 0xA6, 0xD0, 0xB4, 0x78, 0xD8, 0xC4, 0xE9, 0xBB, 0xCE,
0xC2, 0x17, 0x65, 0x32, 0x6F, 0xBD, 0x14, 0x05, 0x8D, 0x2B, 0xBD, 0xE2,
0xC3, 0x30, 0x45, 0xF0, 0x38, 0x73, 0xE5, 0x39, 0x48, 0xD7, 0x8B, 0x79,
0x4F, 0x07, 0x90, 0xE4, 0x8C, 0x36, 0xAE, 0xD6, 0xE8, 0x80, 0xF5, 0x57,
0x42, 0x7B, 0x2F, 0xC0, 0x6D, 0xB5, 0xE1, 0xE2, 0xE1, 0xD7, 0xE6, 0x61,
0xAC, 0x48, 0x2D, 0x18, 0xE5, 0x28, 0xD7, 0x29, 0x5E, 0xF7, 0x43, 0x72,
0x95, 0xFF, 0x1A, 0x72, 0xD4, 0x02, 0x77, 0x17, 0x13, 0xF1, 0x68, 0x76,
0xDD, 0x05, 0x0A, 0xE5, 0xB7, 0xAD, 0x53, 0xCC, 0xB9, 0x08, 0x55, 0xC9,
0x39, 0x56, 0x64, 0x83, 0x58, 0xAD, 0xFD, 0x96, 0x64, 0x22, 0xF5, 0x24,
0x98, 0x73, 0x2D, 0x68, 0xD1, 0xD7, 0xFB, 0xEF, 0x10, 0xD7, 0x80, 0x34,
0xAB, 0x8D, 0xCB, 0x6F, 0x0F, 0xCF, 0x88, 0x5C, 0xC2, 0xB2, 0xEA, 0x2C,
0x3E, 0x6A, 0xC8, 0x66, 0x09, 0xEA, 0x05, 0x8A, 0x9D, 0xA8, 0xCC, 0x63,
0x53, 0x1D, 0xC9, 0x15, 0x41, 0x4D, 0xF5, 0x68, 0xB0, 0x94, 0x82, 0xDD,
0xAC, 0x19, 0x54, 0xDE, 0xC7, 0xEB, 0x71, 0x4F, 0x6F, 0xF7, 0xD4, 0x4C,
0xD5, 0xB8, 0x6F, 0x6B, 0xD1, 0x15, 0x81, 0x09, 0x30, 0x63, 0x7C, 0x01,
0xD0, 0xF6, 0x01, 0x3B, 0xC9, 0x74, 0x0F, 0xA2, 0xC6, 0x33, 0xBA, 0x89
};
byte a_[] = {
0x60, 0x97, 0x55, 0x27, 0x03, 0x5C, 0xF2, 0xAD, 0x19, 0x89, 0x80, 0x6F,
0x04, 0x07, 0x21, 0x0B, 0xC8, 0x1E, 0xDC, 0x04, 0xE2, 0x76, 0x2A, 0x56,
0xAF, 0xD5, 0x29, 0xDD, 0xDA, 0x2D, 0x43, 0x93
};
byte A_[] = {
0xFA, 0xB6, 0xF5, 0xD2, 0x61, 0x5D, 0x1E, 0x32, 0x35, 0x12, 0xE7, 0x99,
0x1C, 0xC3, 0x74, 0x43, 0xF4, 0x87, 0xDA, 0x60, 0x4C, 0xA8, 0xC9, 0x23,
0x0F, 0xCB, 0x04, 0xE5, 0x41, 0xDC, 0xE6, 0x28, 0x0B, 0x27, 0xCA, 0x46,
0x80, 0xB0, 0x37, 0x4F, 0x17, 0x9D, 0xC3, 0xBD, 0xC7, 0x55, 0x3F, 0xE6,
0x24, 0x59, 0x79, 0x8C, 0x70, 0x1A, 0xD8, 0x64, 0xA9, 0x13, 0x90, 0xA2,
0x8C, 0x93, 0xB6, 0x44, 0xAD, 0xBF, 0x9C, 0x00, 0x74, 0x5B, 0x94, 0x2B,
0x79, 0xF9, 0x01, 0x2A, 0x21, 0xB9, 0xB7, 0x87, 0x82, 0x31, 0x9D, 0x83,
0xA1, 0xF8, 0x36, 0x28, 0x66, 0xFB, 0xD6, 0xF4, 0x6B, 0xFC, 0x0D, 0xDB,
0x2E, 0x1A, 0xB6, 0xE4, 0xB4, 0x5A, 0x99, 0x06, 0xB8, 0x2E, 0x37, 0xF0,
0x5D, 0x6F, 0x97, 0xF6, 0xA3, 0xEB, 0x6E, 0x18, 0x20, 0x79, 0x75, 0x9C,
0x4F, 0x68, 0x47, 0x83, 0x7B, 0x62, 0x32, 0x1A, 0xC1, 0xB4, 0xFA, 0x68,
0x64, 0x1F, 0xCB, 0x4B, 0xB9, 0x8D, 0xD6, 0x97, 0xA0, 0xC7, 0x36, 0x41,
0x38, 0x5F, 0x4B, 0xAB, 0x25, 0xB7, 0x93, 0x58, 0x4C, 0xC3, 0x9F, 0xC8,
0xD4, 0x8D, 0x4B, 0xD8, 0x67, 0xA9, 0xA3, 0xC1, 0x0F, 0x8E, 0xA1, 0x21,
0x70, 0x26, 0x8E, 0x34, 0xFE, 0x3B, 0xBE, 0x6F, 0xF8, 0x99, 0x98, 0xD6,
0x0D, 0xA2, 0xF3, 0xE4, 0x28, 0x3C, 0xBE, 0xC1, 0x39, 0x3D, 0x52, 0xAF,
0x72, 0x4A, 0x57, 0x23, 0x0C, 0x60, 0x4E, 0x9F, 0xBC, 0xE5, 0x83, 0xD7,
0x61, 0x3E, 0x6B, 0xFF, 0xD6, 0x75, 0x96, 0xAD, 0x12, 0x1A, 0x87, 0x07,
0xEE, 0xC4, 0x69, 0x44, 0x95, 0x70, 0x33, 0x68, 0x6A, 0x15, 0x5F, 0x64,
0x4D, 0x5C, 0x58, 0x63, 0xB4, 0x8F, 0x61, 0xBD, 0xBF, 0x19, 0xA5, 0x3E,
0xAB, 0x6D, 0xAD, 0x0A, 0x18, 0x6B, 0x8C, 0x15, 0x2E, 0x5F, 0x5D, 0x8C,
0xAD, 0x4B, 0x0E, 0xF8, 0xAA, 0x4E, 0xA5, 0x00, 0x88, 0x34, 0xC3, 0xCD,
0x34, 0x2E, 0x5E, 0x0F, 0x16, 0x7A, 0xD0, 0x45, 0x92, 0xCD, 0x8B, 0xD2,
0x79, 0x63, 0x93, 0x98, 0xEF, 0x9E, 0x11, 0x4D, 0xFA, 0xAA, 0xB9, 0x19,
0xE1, 0x4E, 0x85, 0x09, 0x89, 0x22, 0x4D, 0xDD, 0x98, 0x57, 0x6D, 0x79,
0x38, 0x5D, 0x22, 0x10, 0x90, 0x2E, 0x9F, 0x9B, 0x1F, 0x2D, 0x86, 0xCF,
0xA4, 0x7E, 0xE2, 0x44, 0x63, 0x54, 0x65, 0xF7, 0x10, 0x58, 0x42, 0x1A,
0x01, 0x84, 0xBE, 0x51, 0xDD, 0x10, 0xCC, 0x9D, 0x07, 0x9E, 0x6F, 0x16,
0x04, 0xE7, 0xAA, 0x9B, 0x7C, 0xF7, 0x88, 0x3C, 0x7D, 0x4C, 0xE1, 0x2B,
0x06, 0xEB, 0xE1, 0x60, 0x81, 0xE2, 0x3F, 0x27, 0xA2, 0x31, 0xD1, 0x84,
0x32, 0xD7, 0xD1, 0xBB, 0x55, 0xC2, 0x8A, 0xE2, 0x1F, 0xFC, 0xF0, 0x05,
0xF5, 0x75, 0x28, 0xD1, 0x5A, 0x88, 0x88, 0x1B, 0xB3, 0xBB, 0xB7, 0xFE
};
byte b_[] = {
0xE4, 0x87, 0xCB, 0x59, 0xD3, 0x1A, 0xC5, 0x50, 0x47, 0x1E, 0x81, 0xF0,
0x0F, 0x69, 0x28, 0xE0, 0x1D, 0xDA, 0x08, 0xE9, 0x74, 0xA0, 0x04, 0xF4,
0x9E, 0x61, 0xF5, 0xD1, 0x05, 0x28, 0x4D, 0x20
};
byte B_[] = {
0x40, 0xF5, 0x70, 0x88, 0xA4, 0x82, 0xD4, 0xC7, 0x73, 0x33, 0x84, 0xFE,
0x0D, 0x30, 0x1F, 0xDD, 0xCA, 0x90, 0x80, 0xAD, 0x7D, 0x4F, 0x6F, 0xDF,
0x09, 0xA0, 0x10, 0x06, 0xC3, 0xCB, 0x6D, 0x56, 0x2E, 0x41, 0x63, 0x9A,
0xE8, 0xFA, 0x21, 0xDE, 0x3B, 0x5D, 0xBA, 0x75, 0x85, 0xB2, 0x75, 0x58,
0x9B, 0xDB, 0x27, 0x98, 0x63, 0xC5, 0x62, 0x80, 0x7B, 0x2B, 0x99, 0x08,
0x3C, 0xD1, 0x42, 0x9C, 0xDB, 0xE8, 0x9E, 0x25, 0xBF, 0xBD, 0x7E, 0x3C,
0xAD, 0x31, 0x73, 0xB2, 0xE3, 0xC5, 0xA0, 0xB1, 0x74, 0xDA, 0x6D, 0x53,
0x91, 0xE6, 0xA0, 0x6E, 0x46, 0x5F, 0x03, 0x7A, 0x40, 0x06, 0x25, 0x48,
0x39, 0xA5, 0x6B, 0xF7, 0x6D, 0xA8, 0x4B, 0x1C, 0x94, 0xE0, 0xAE, 0x20,
0x85, 0x76, 0x15, 0x6F, 0xE5, 0xC1, 0x40, 0xA4, 0xBA, 0x4F, 0xFC, 0x9E,
0x38, 0xC3, 0xB0, 0x7B, 0x88, 0x84, 0x5F, 0xC6, 0xF7, 0xDD, 0xDA, 0x93,
0x38, 0x1F, 0xE0, 0xCA, 0x60, 0x84, 0xC4, 0xCD, 0x2D, 0x33, 0x6E, 0x54,
0x51, 0xC4, 0x64, 0xCC, 0xB6, 0xEC, 0x65, 0xE7, 0xD1, 0x6E, 0x54, 0x8A,
0x27, 0x3E, 0x82, 0x62, 0x84, 0xAF, 0x25, 0x59, 0xB6, 0x26, 0x42, 0x74,
0x21, 0x59, 0x60, 0xFF, 0xF4, 0x7B, 0xDD, 0x63, 0xD3, 0xAF, 0xF0, 0x64,
0xD6, 0x13, 0x7A, 0xF7, 0x69, 0x66, 0x1C, 0x9D, 0x4F, 0xEE, 0x47, 0x38,
0x26, 0x03, 0xC8, 0x8E, 0xAA, 0x09, 0x80, 0x58, 0x1D, 0x07, 0x75, 0x84,
0x61, 0xB7, 0x77, 0xE4, 0x35, 0x6D, 0xDA, 0x58, 0x35, 0x19, 0x8B, 0x51,
0xFE, 0xEA, 0x30, 0x8D, 0x70, 0xF7, 0x54, 0x50, 0xB7, 0x16, 0x75, 0xC0,
0x8C, 0x7D, 0x83, 0x02, 0xFD, 0x75, 0x39, 0xDD, 0x1F, 0xF2, 0xA1, 0x1C,
0xB4, 0x25, 0x8A, 0xA7, 0x0D, 0x23, 0x44, 0x36, 0xAA, 0x42, 0xB6, 0xA0,
0x61, 0x5F, 0x3F, 0x91, 0x5D, 0x55, 0xCC, 0x3B, 0x96, 0x6B, 0x27, 0x16,
0xB3, 0x6E, 0x4D, 0x1A, 0x06, 0xCE, 0x5E, 0x5D, 0x2E, 0xA3, 0xBE, 0xE5,
0xA1, 0x27, 0x0E, 0x87, 0x51, 0xDA, 0x45, 0xB6, 0x0B, 0x99, 0x7B, 0x0F,
0xFD, 0xB0, 0xF9, 0x96, 0x2F, 0xEE, 0x4F, 0x03, 0xBE, 0xE7, 0x80, 0xBA,
0x0A, 0x84, 0x5B, 0x1D, 0x92, 0x71, 0x42, 0x17, 0x83, 0xAE, 0x66, 0x01,
0xA6, 0x1E, 0xA2, 0xE3, 0x42, 0xE4, 0xF2, 0xE8, 0xBC, 0x93, 0x5A, 0x40,
0x9E, 0xAD, 0x19, 0xF2, 0x21, 0xBD, 0x1B, 0x74, 0xE2, 0x96, 0x4D, 0xD1,
0x9F, 0xC8, 0x45, 0xF6, 0x0E, 0xFC, 0x09, 0x33, 0x8B, 0x60, 0xB6, 0xB2,
0x56, 0xD8, 0xCA, 0xC8, 0x89, 0xCC, 0xA3, 0x06, 0xCC, 0x37, 0x0A, 0x0B,
0x18, 0xC8, 0xB8, 0x86, 0xE9, 0x5D, 0xA0, 0xAF, 0x52, 0x35, 0xFE, 0xF4,
0x39, 0x30, 0x20, 0xD2, 0xB7, 0xF3, 0x05, 0x69, 0x04, 0x75, 0x90, 0x42
};
byte key_[] = {
0x5C, 0xBC, 0x21, 0x9D, 0xB0, 0x52, 0x13, 0x8E, 0xE1, 0x14, 0x8C, 0x71,
0xCD, 0x44, 0x98, 0x96, 0x3D, 0x68, 0x25, 0x49, 0xCE, 0x91, 0xCA, 0x24,
0xF0, 0x98, 0x46, 0x8F, 0x06, 0x01, 0x5B, 0xEB, 0x6A, 0xF2, 0x45, 0xC2,
0x09, 0x3F, 0x98, 0xC3, 0x65, 0x1B, 0xCA, 0x83, 0xAB, 0x8C, 0xAB, 0x2B,
0x58, 0x0B, 0xBF, 0x02, 0x18, 0x4F, 0xEF, 0xDF, 0x26, 0x14, 0x2F, 0x73,
0xDF, 0x95, 0xAC, 0x50
};
AssertIntEQ(0, wc_SrpInit(&cli, SRP_TYPE_SHA512, SRP_CLIENT_SIDE));
AssertIntEQ(0, wc_SrpInit(&srv, SRP_TYPE_SHA512, SRP_SERVER_SIDE));
AssertIntEQ(0, wc_SrpSetUsername(&cli, username_, usernameSz_));
AssertIntEQ(0, wc_SrpSetUsername(&srv, username_, usernameSz_));
AssertIntEQ(0, wc_SrpSetParams(&cli, N_, sizeof(N_),
g_, sizeof(g_),
salt_, sizeof(salt_)));
AssertIntEQ(0, wc_SrpSetParams(&srv, N_, sizeof(N_),
g_, sizeof(g_),
salt_, sizeof(salt_)));
AssertIntEQ(0, wc_SrpSetPassword(&cli, password_, passwordSz_));
AssertIntEQ(0, wc_SrpSetVerifier(&srv, verifier_, sizeof(verifier_)));
AssertIntEQ(0, wc_SrpSetPrivate(&cli, a_, sizeof(a_)));
AssertIntEQ(0, wc_SrpGetPublic(&cli, clientPubKey, &clientPubKeySz));
AssertIntEQ(0, XMEMCMP(clientPubKey, A_, clientPubKeySz));
AssertIntEQ(0, wc_SrpSetPrivate(&srv, b_, sizeof(b_)));
AssertIntEQ(0, wc_SrpGetPublic(&srv, serverPubKey, &serverPubKeySz));
AssertIntEQ(0, XMEMCMP(serverPubKey, B_, serverPubKeySz));
cli.keyGenFunc_cb = sha512_key_gen;
AssertIntEQ(0, wc_SrpComputeKey(&cli, clientPubKey, clientPubKeySz,
serverPubKey, serverPubKeySz));
AssertIntEQ(0, XMEMCMP(cli.key, key_, sizeof(key_)));
srv.keyGenFunc_cb = sha512_key_gen;
AssertIntEQ(0, wc_SrpComputeKey(&srv, clientPubKey, clientPubKeySz,
serverPubKey, serverPubKeySz));
AssertIntEQ(0, XMEMCMP(srv.key, key_, sizeof(key_)));
AssertIntEQ(0, wc_SrpGetProof(&cli, clientProof, &clientProofSz));
AssertIntEQ(0, wc_SrpVerifyPeersProof(&srv, clientProof, clientProofSz));
AssertIntEQ(0, wc_SrpGetProof(&srv, serverProof, &serverProofSz));
AssertIntEQ(0, wc_SrpVerifyPeersProof(&cli, serverProof, serverProofSz));
wc_SrpTerm(&cli);
wc_SrpTerm(&srv);
}
#endif
void SrpTest(void)
{
#ifdef WOLFCRYPT_HAVE_SRP
test_SrpInit();
test_SrpSetUsername();
test_SrpSetParams();
test_SrpSetPassword();
test_SrpGetPublic();
test_SrpComputeKey();
test_SrpGetProofAndVerify();
test_SrpKeyGenFunc_cb();
#endif
}


@@ -36,7 +36,7 @@
#define MAX_COMMAND_SZ 240
#define MAX_SUITE_SZ 80
#define NOT_BUILT_IN -123
#ifdef NO_OLD_TLS
#if defined(NO_OLD_TLS) || !defined(WOLFSSL_ALLOW_SSLV3)
#define VERSION_TOO_OLD -124
#endif
@@ -52,6 +52,28 @@ static char flagSep[] = " ";
static char svrPort[] = "0";
#ifndef WOLFSSL_ALLOW_SSLV3
/* if the protocol version is sslv3 return 1, else 0 */
static int IsSslVersion(const char* line)
{
const char* find = "-v ";
char* begin = strstr(line, find);
if (begin) {
int version = -1;
begin += 3;
version = atoi(begin);
if (version == 0)
return 1;
}
return 0;
}
#endif /* !WOLFSSL_ALLOW_SSLV3 */
#ifdef NO_OLD_TLS
/* if the protocol version is less than tls 1.2 return 1, else 0 */
static int IsOldTlsVersion(const char* line)
@@ -168,6 +190,15 @@ static int execute_test_case(int svr_argc, char** svr_argv,
return NOT_BUILT_IN;
}
#ifndef WOLFSSL_ALLOW_SSLV3
if (IsSslVersion(commandLine) == 1) {
#ifdef DEBUG_SUITE_TESTS
printf("protocol version on line %s is too old\n", commandLine);
#endif
return VERSION_TOO_OLD;
}
#endif
#ifdef NO_OLD_TLS
if (IsOldTlsVersion(commandLine) == 1) {
#ifdef DEBUG_SUITE_TESTS
@@ -476,6 +507,17 @@ int SuiteTest(void)
}
#endif
#ifndef NO_PSK
/* add psk extra suites */
strcpy(argv0[1], "tests/test-psk-no-id.conf");
printf("starting psk no identity extra cipher suite tests\n");
test_harness(&args);
if (args.return_code != 0) {
printf("error from script %d\n", args.return_code);
exit(EXIT_FAILURE);
}
#endif
printf(" End Cipher Suite Tests\n");
wolfSSL_CTX_free(cipherSuiteCtx);
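Review bot: `IsSslVersion` classifies a line as SSLv3 whenever `atoi` yields 0, and `atoi` returns 0 for non-numeric text as well as for the digit `0`, so a malformed `-v` argument in a .conf file is indistinguishable from `-v 0`. `execute_test_case` then returns `VERSION_TOO_OLD` for that line, which presumably counts the case as skipped rather than failed (the caller is not visible here), hiding a broken test entry. Parsing with an end pointer removes the ambiguity: `char* end; long version = strtol(begin, &end, 10);` followed by `if (end != begin && version == 0) return 1;`. The `int version = -1;` initialiser is dead, since the value is overwritten two lines later.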

154
tests/test-psk-no-id.conf Normal file

@@ -0,0 +1,154 @@
# No Hint server TLSv1 PSK-AES128
-s
-I
-v 1
-l PSK-AES128-CBC-SHA
# No Hint client TLSv1 PSK-AES128
-s
-v 1
-l PSK-AES128-CBC-SHA
# No Hint server TLSv1 PSK-AES256
-s
-I
-v 1
-l PSK-AES256-CBC-SHA
# No Hint client TLSv1 PSK-AES256
-s
-v 1
-l PSK-AES256-CBC-SHA
# No Hint server TLSv1.1 PSK-AES128
-s
-I
-v 2
-l PSK-AES128-CBC-SHA
# No Hint client TLSv1.1 PSK-AES128
-s
-v 2
-l PSK-AES128-CBC-SHA
# No Hint server TLSv1.1 PSK-AES256
-s
-I
-v 2
-l PSK-AES256-CBC-SHA
# No Hint client TLSv1.1 PSK-AES256
-s
-v 2
-l PSK-AES256-CBC-SHA
# No Hint server TLSv1.2 PSK-AES128
-s
-I
-v 3
-l PSK-AES128-CBC-SHA
# No Hint client TLSv1.2 PSK-AES128
-s
-v 3
-l PSK-AES128-CBC-SHA
# No Hint server TLSv1.2 PSK-AES256
-s
-I
-v 3
-l PSK-AES256-CBC-SHA
# No Hint client TLSv1.2 PSK-AES256
-s
-v 3
-l PSK-AES256-CBC-SHA
# No Hint server TLSv1.0 PSK-AES128-SHA256
-s
-I
-v 1
-l PSK-AES128-CBC-SHA256
# No Hint client TLSv1.0 PSK-AES128-SHA256
-s
-v 1
-l PSK-AES128-CBC-SHA256
# No Hint server TLSv1.1 PSK-AES128-SHA256
-s
-I
-v 2
-l PSK-AES128-CBC-SHA256
# No Hint client TLSv1.1 PSK-AES128-SHA256
-s
-v 2
-l PSK-AES128-CBC-SHA256
# No Hint server TLSv1.2 PSK-AES128-SHA256
-s
-I
-v 3
-l PSK-AES128-CBC-SHA256
# No Hint client TLSv1.2 PSK-AES128-SHA256
-s
-v 3
-l PSK-AES128-CBC-SHA256
# No Hint server TLSv1.0 PSK-AES256-SHA384
-s
-I
-v 1
-l PSK-AES256-CBC-SHA384
# No Hint client TLSv1.0 PSK-AES256-SHA384
-s
-v 1
-l PSK-AES256-CBC-SHA384
# No Hint server TLSv1.1 PSK-AES256-SHA384
-s
-I
-v 2
-l PSK-AES256-CBC-SHA384
# No Hint client TLSv1.1 PSK-AES256-SHA384
-s
-v 2
-l PSK-AES256-CBC-SHA384
# No Hint server TLSv1.2 PSK-AES256-SHA384
-s
-I
-v 3
-l PSK-AES256-CBC-SHA384
# No Hint client TLSv1.2 PSK-AES256-SHA384
-s
-v 3
-l PSK-AES256-CBC-SHA384
# server TLSv1.2 PSK-AES128-GCM-SHA256
-s
-I
-v 3
-l PSK-AES128-GCM-SHA256
# client TLSv1.2 PSK-AES128-GCM-SHA256
-s
-v 3
-l PSK-AES128-GCM-SHA256
# server TLSv1.2 PSK-AES256-GCM-SHA384
-s
-I
-v 3
-l PSK-AES256-GCM-SHA384
# client TLSv1.2 PSK-AES256-GCM-SHA384
-s
-v 3
-l PSK-AES256-GCM-SHA384


@@ -77,6 +77,8 @@ int unit_test(int argc, char** argv)
}
#endif
SrpTest();
#ifdef HAVE_CAVIUM
CspShutdown(CAVIUM_DEV_ID);
#endif
@@ -176,4 +178,3 @@ void FreeTcpReady(tcp_ready* ready)
(void)ready;
#endif
}


@@ -27,8 +27,8 @@
#define Fail(description, result) do { \
printf("\nERROR - %s line %d failed with:", __FILE__, __LINE__); \
printf("\n\n test: "); printf description; \
printf("\n\n result: "); printf result; \
printf("\n expected: "); printf description; \
printf("\n result: "); printf result; printf("\n\n"); \
abort(); \
} while(0)
@@ -78,7 +78,7 @@
void ApiTest(void);
int SuiteTest(void);
int HashTest(void);
void SrpTest(void);
#endif /* CyaSSL_UNIT_H */


@@ -32,7 +32,11 @@
#ifdef FREESCALE_MQX
#include <mqx.h>
#if MQX_USE_IO_OLD
#include <fio.h>
#else
#include <nio.h>
#endif
#else
#include <stdio.h>
#endif
@@ -194,7 +198,7 @@ static int OpenNitroxDevice(int dma_mode,int dev_id)
#if !defined(NO_RSA) || !defined(NO_DH) \
|| defined(WOLFSSL_KEYGEN) || defined(HAVE_ECC)
#define HAVE_LOCAL_RNG
static RNG rng;
static WC_RNG rng;
#endif
/* use kB instead of mB for embedded benchmarking */


@@ -55,19 +55,6 @@ int wc_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
}
int wc_AesCbcEncryptWithKey(byte* out, const byte* in, word32 inSz,
const byte* key, word32 keySz, const byte* iv)
{
return AesCbcDecryptWithKey(out, in, inSz, key, keySz, iv);
}
int wc_AesCbcDecryptWithKey(byte* out, const byte* in, word32 inSz,
const byte* key, word32 keySz, const byte* iv)
{
return AesCbcDecryptWithKey(out, in, inSz, key, keySz, iv);
}
/* AES-CTR */
#ifdef WOLFSSL_AES_COUNTER
void wc_AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
@@ -1727,59 +1714,6 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
}
int wc_AesCbcDecryptWithKey(byte* out, const byte* in, word32 inSz,
const byte* key, word32 keySz, const byte* iv)
{
int ret = 0;
#ifdef WOLFSSL_SMALL_STACK
Aes* aes = NULL;
#else
Aes aes[1];
#endif
#ifdef WOLFSSL_SMALL_STACK
aes = (Aes*)XMALLOC(sizeof(Aes), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (aes == NULL)
return MEMORY_E;
#endif
ret = wc_AesSetKey(aes, key, keySz, iv, AES_DECRYPTION);
if (ret == 0)
ret = wc_AesCbcDecrypt(aes, out, in, inSz);
#ifdef WOLFSSL_SMALL_STACK
XFREE(aes, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
}
int wc_AesCbcEncryptWithKey(byte* out, const byte* in, word32 inSz,
const byte* key, word32 keySz, const byte* iv)
{
int ret = 0;
#ifdef WOLFSSL_SMALL_STACK
Aes* aes = NULL;
#else
Aes aes[1];
#endif
#ifdef WOLFSSL_SMALL_STACK
aes = (Aes*)XMALLOC(sizeof(Aes), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (aes == NULL)
return MEMORY_E;
#endif
ret = wc_AesSetKey(aes, key, keySz, iv, AES_ENCRYPTION);
if (ret == 0)
ret = wc_AesCbcEncrypt(aes, out, in, inSz);
#ifdef WOLFSSL_SMALL_STACK
XFREE(aes, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
}
/* AES-DIRECT */


@@ -42,6 +42,7 @@
#include <wolfssl/wolfcrypt/logging.h>
#include <wolfssl/wolfcrypt/random.h>
#include <wolfssl/wolfcrypt/hash.h>
#ifndef NO_RC4
@@ -66,7 +67,11 @@
#ifdef WOLFSSL_DEBUG_ENCODING
#ifdef FREESCALE_MQX
#if MQX_USE_IO_OLD
#include <fio.h>
#else
#include <nio.h>
#endif
#else
#include <stdio.h>
#endif
@@ -904,6 +909,9 @@ static int DecryptKey(const char* password, int passwordSz, byte* salt,
byte key[MAX_KEY_SIZE];
#endif
(void)input;
(void)length;
switch (id) {
case PBE_MD5_DES:
typeH = MD5;
@@ -1484,11 +1492,13 @@ int wc_DsaKeyToDer(DsaKey* key, byte* output, word32 inLen)
sizes[i] = SetLength(rawLen, tmps[i] + 1) + 1 + lbit; /* tag & lbit */
if (sizes[i] <= MAX_SEQ_SZ) {
int err;
/* leading zero */
if (lbit)
tmps[i][sizes[i]-1] = 0x00;
int err = mp_to_unsigned_bin(keyInt, tmps[i] + sizes[i]);
err = mp_to_unsigned_bin(keyInt, tmps[i] + sizes[i]);
if (err == MP_OKAY) {
sizes[i] += (rawLen-lbit); /* lbit included in rawLen */
intTotalLen += sizes[i];
@@ -4913,11 +4923,13 @@ int wc_RsaKeyToDer(RsaKey* key, byte* output, word32 inLen)
sizes[i] = SetLength(rawLen, tmps[i] + 1) + 1 + lbit; /* tag & lbit */
if (sizes[i] <= MAX_SEQ_SZ) {
int err;
/* leading zero */
if (lbit)
tmps[i][sizes[i]-1] = 0x00;
int err = mp_to_unsigned_bin(keyInt, tmps[i] + sizes[i]);
err = mp_to_unsigned_bin(keyInt, tmps[i] + sizes[i]);
if (err == MP_OKAY) {
sizes[i] += (rawLen-lbit); /* lbit included in rawLen */
intTotalLen += sizes[i];
@@ -5755,7 +5767,7 @@ static int SetName(byte* output, CertName* name)
/* encode info from cert into DER encoded format */
static int EncodeCert(Cert* cert, DerCert* der, RsaKey* rsaKey, ecc_key* eccKey,
RNG* rng, const byte* ntruKey, word16 ntruSz)
WC_RNG* rng, const byte* ntruKey, word16 ntruSz)
{
int ret;
@@ -5927,7 +5939,7 @@ static int WriteCertBody(DerCert* der, byte* buffer)
/* Make RSA signature from buffer (sz), write to sig (sigSz) */
static int MakeSignature(const byte* buffer, int sz, byte* sig, int sigSz,
RsaKey* rsaKey, ecc_key* eccKey, RNG* rng,
RsaKey* rsaKey, ecc_key* eccKey, WC_RNG* rng,
int sigAlgoType)
{
int encSigSz, digestSz, typeH = 0, ret = 0;
@@ -6052,7 +6064,7 @@ static int AddSignature(byte* buffer, int bodySz, const byte* sig, int sigSz,
/* Make an x509 Certificate v3 any key type from cert input, write to buffer */
static int MakeAnyCert(Cert* cert, byte* derBuffer, word32 derSz,
RsaKey* rsaKey, ecc_key* eccKey, RNG* rng,
RsaKey* rsaKey, ecc_key* eccKey, WC_RNG* rng,
const byte* ntruKey, word16 ntruSz)
{
int ret;
@@ -6089,7 +6101,7 @@ static int MakeAnyCert(Cert* cert, byte* derBuffer, word32 derSz,
/* Make an x509 Certificate v3 RSA or ECC from cert input, write to buffer */
int wc_MakeCert(Cert* cert, byte* derBuffer, word32 derSz, RsaKey* rsaKey,
ecc_key* eccKey, RNG* rng)
ecc_key* eccKey, WC_RNG* rng)
{
return MakeAnyCert(cert, derBuffer, derSz, rsaKey, eccKey, rng, NULL, 0);
}
@@ -6098,7 +6110,7 @@ int wc_MakeCert(Cert* cert, byte* derBuffer, word32 derSz, RsaKey* rsaKey,
#ifdef HAVE_NTRU
int wc_MakeNtruCert(Cert* cert, byte* derBuffer, word32 derSz,
const byte* ntruKey, word16 keySz, RNG* rng)
const byte* ntruKey, word16 keySz, WC_RNG* rng)
{
return MakeAnyCert(cert, derBuffer, derSz, NULL, NULL, rng, ntruKey, keySz);
}
@@ -6314,7 +6326,7 @@ int wc_MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz,
int wc_SignCert(int requestSz, int sType, byte* buffer, word32 buffSz,
RsaKey* rsaKey, ecc_key* eccKey, RNG* rng)
RsaKey* rsaKey, ecc_key* eccKey, WC_RNG* rng)
{
int sigSz;
#ifdef WOLFSSL_SMALL_STACK
@@ -6351,7 +6363,7 @@ int wc_SignCert(int requestSz, int sType, byte* buffer, word32 buffSz,
int wc_MakeSelfCert(Cert* cert, byte* buffer, word32 buffSz,
RsaKey* key, RNG* rng)
RsaKey* key, WC_RNG* rng)
{
int ret = wc_MakeCert(cert, buffer, buffSz, key, NULL, rng);
@@ -7583,7 +7595,7 @@ int EncodeOcspRequest(OcspRequest* req)
extSz = 0;
if (req->useNonce) {
RNG rng;
WC_RNG rng;
if (wc_InitRng(&rng) != 0) {
WOLFSSL_MSG("\tCannot initialize RNG. Skipping the OSCP Nonce.");
} else {
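Review bot: In the `EncodeOcspRequest` hunk, a failing `wc_InitRng` only emits a debug message, and the request is then built without a nonce even though `req->useNonce` asked for one. Without the nonce the response is not bound to this particular request, so a caller that relies on it for replay protection gets no signal that it is missing. Consider propagating the error, or at least documenting the fallback with a comment such as `/* best effort: the request is sent without a nonce if the RNG cannot be initialised */`. The log text also misspells OCSP as "OSCP". The function body continues outside the hunk, so any later handling of this case is not visible here.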


@@ -225,7 +225,7 @@ static int CEscape(int escaped, byte e, byte* out, word32* i, word32 max,
}
*i = idx;
return getSzOnly ? LENGTH_ONLY_E : 0;
return 0;
}
@@ -319,6 +319,8 @@ static int DoBase64_Encode(const byte* in, word32 inLen, byte* out,
return ASN_INPUT_E;
*outLen = i;
if(ret == 0)
return getSzOnly ? LENGTH_ONLY_E : 0;
return ret;
}
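Review bot: The new tail of `DoBase64_Encode` returns `LENGTH_ONLY_E` on the non-error path of a size-only call, which is easy to misread as a failure because the name looks like an error code. A comment above the `if(ret == 0)` line, such as `/* size query: *outLen holds the required length and LENGTH_ONLY_E reports it */`, would document the convention for callers. The two returns could also collapse to `if (ret == 0 && getSzOnly) ret = LENGTH_ONLY_E;` ahead of the existing `return ret;`. Both `CEscape` and `DoBase64_Encode` start outside their hunks, so the remaining use of `getSzOnly` inside `CEscape` cannot be checked from here.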


@@ -46,7 +46,7 @@ const curve25519_set_type curve25519_sets[] = {
};
int wc_curve25519_make_key(RNG* rng, int keysize, curve25519_key* key)
int wc_curve25519_make_key(WC_RNG* rng, int keysize, curve25519_key* key)
{
unsigned char basepoint[CURVE25519_KEYSIZE] = {9};
int ret;


@@ -91,37 +91,12 @@ void wc_Des_SetIV(Des* des, const byte* iv)
}
int wc_Des_CbcEncryptWithKey(byte* out, const byte* in, word32 sz,
const byte* key, const byte* iv)
{
return Des_CbcEncryptWithKey(out, in, sz, key, iv);
}
int wc_Des_CbcDecryptWithKey(byte* out, const byte* in, word32 sz,
const byte* key, const byte* iv)
{
return Des_CbcDecryptWithKey(out, in, sz, key, iv);
}
int wc_Des3_SetIV(Des3* des, const byte* iv)
{
return Des3_SetIV_fips(des, iv);
}
int wc_Des3_CbcEncryptWithKey(byte* out, const byte* in, word32 sz,
const byte* key, const byte* iv)
{
return Des3_CbcEncryptWithKey(out, in, sz, key, iv);
}
int wc_Des3_CbcDecryptWithKey(byte* out, const byte* in, word32 sz,
const byte* key, const byte* iv)
{
return Des3_CbcDecryptWithKey(out, in, sz, key, iv);
}
#ifdef HAVE_CAVIUM
/* Initiliaze Des3 for use with Nitrox device */
@@ -1501,61 +1476,6 @@ void wc_Des_SetIV(Des* des, const byte* iv)
}
int wc_Des_CbcEncryptWithKey(byte* out, const byte* in, word32 sz,
const byte* key, const byte* iv)
{
int ret = 0;
#ifdef WOLFSSL_SMALL_STACK
Des* des = NULL;
#else
Des des[1];
#endif
#ifdef WOLFSSL_SMALL_STACK
des = (Des*)XMALLOC(sizeof(Des), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (des == NULL)
return MEMORY_E;
#endif
ret = wc_Des_SetKey(des, key, iv, DES_ENCRYPTION);
if (ret == 0)
ret = wc_Des_CbcEncrypt(des, out, in, sz);
#ifdef WOLFSSL_SMALL_STACK
XFREE(des, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
}
int wc_Des_CbcDecryptWithKey(byte* out, const byte* in, word32 sz,
const byte* key, const byte* iv)
{
int ret = 0;
#ifdef WOLFSSL_SMALL_STACK
Des* des = NULL;
#else
Des des[1];
#endif
#ifdef WOLFSSL_SMALL_STACK
des = (Des*)XMALLOC(sizeof(Des), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (des == NULL)
return MEMORY_E;
#endif
ret = wc_Des_SetKey(des, key, iv, DES_DECRYPTION);
if (ret == 0)
ret = wc_Des_CbcDecrypt(des, out, in, sz);
#ifdef WOLFSSL_SMALL_STACK
XFREE(des, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
}
int wc_Des3_SetIV(Des3* des, const byte* iv)
{
if (des && iv)
@@ -1567,61 +1487,6 @@ int wc_Des3_SetIV(Des3* des, const byte* iv)
}
int wc_Des3_CbcEncryptWithKey(byte* out, const byte* in, word32 sz,
const byte* key, const byte* iv)
{
int ret = 0;
#ifdef WOLFSSL_SMALL_STACK
Des3* des3 = NULL;
#else
Des3 des3[1];
#endif
#ifdef WOLFSSL_SMALL_STACK
des3 = (Des3*)XMALLOC(sizeof(Des3), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (des3 == NULL)
return MEMORY_E;
#endif
ret = wc_Des3_SetKey(des3, key, iv, DES_ENCRYPTION);
if (ret == 0)
ret = wc_Des3_CbcEncrypt(des3, out, in, sz);
#ifdef WOLFSSL_SMALL_STACK
XFREE(des3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
}
int wc_Des3_CbcDecryptWithKey(byte* out, const byte* in, word32 sz,
const byte* key, const byte* iv)
{
int ret = 0;
#ifdef WOLFSSL_SMALL_STACK
Des3* des3 = NULL;
#else
Des3 des3[1];
#endif
#ifdef WOLFSSL_SMALL_STACK
des3 = (Des3*)XMALLOC(sizeof(Des3), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (des3 == NULL)
return MEMORY_E;
#endif
ret = wc_Des3_SetKey(des3, key, iv, DES_DECRYPTION);
if (ret == 0)
ret = wc_Des3_CbcDecrypt(des3, out, in, sz);
#ifdef WOLFSSL_SMALL_STACK
XFREE(des3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
}
#ifdef HAVE_CAVIUM
#include "cavium_common.h"


@@ -83,7 +83,7 @@ static word32 DiscreteLogWorkFactor(word32 n)
}
static int GeneratePrivate(DhKey* key, RNG* rng, byte* priv, word32* privSz)
static int GeneratePrivate(DhKey* key, WC_RNG* rng, byte* priv, word32* privSz)
{
int ret;
word32 sz = mp_unsigned_bin_size(&key->p);
@@ -132,7 +132,7 @@ static int GeneratePublic(DhKey* key, const byte* priv, word32 privSz,
}
int wc_DhGenerateKeyPair(DhKey* key, RNG* rng, byte* priv, word32* privSz,
int wc_DhGenerateKeyPair(DhKey* key, WC_RNG* rng, byte* priv, word32* privSz,
byte* pub, word32* pubSz)
{
int ret = GeneratePrivate(key, rng, priv, privSz);


@@ -18,7 +18,6 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#include <stdio.h>
#ifdef HAVE_CONFIG_H
#include <config.h>
@@ -85,7 +84,7 @@ void wc_FreeDsaKey(DsaKey* key)
#ifdef WOLFSSL_KEY_GEN
int wc_MakeDsaKey(RNG *rng, DsaKey *dsa)
int wc_MakeDsaKey(WC_RNG *rng, DsaKey *dsa)
{
unsigned char *buf;
int qsize, err;
@@ -146,7 +145,7 @@ int wc_MakeDsaKey(RNG *rng, DsaKey *dsa)
}
/* modulus_size in bits */
int wc_MakeDsaParameters(RNG *rng, int modulus_size, DsaKey *dsa)
int wc_MakeDsaParameters(WC_RNG *rng, int modulus_size, DsaKey *dsa)
{
mp_int tmp, tmp2;
int err, msize, qsize,
@@ -341,7 +340,7 @@ int wc_MakeDsaParameters(RNG *rng, int modulus_size, DsaKey *dsa)
#endif /* WOLFSSL_KEY_GEN */
int wc_DsaSign(const byte* digest, byte* out, DsaKey* key, RNG* rng)
int wc_DsaSign(const byte* digest, byte* out, DsaKey* key, WC_RNG* rng)
{
mp_int k, kInv, r, s, H;
int ret, sz;


@@ -1652,7 +1652,7 @@ int wc_ecc_point_is_at_infinity(ecc_point* p)
}
static int wc_ecc_make_key_ex(RNG* rng, ecc_key* key, const ecc_set_type* dp)
static int wc_ecc_make_key_ex(WC_RNG* rng, ecc_key* key, const ecc_set_type* dp)
{
int err;
ecc_point* base;
@@ -1775,7 +1775,7 @@ static int wc_ecc_make_key_ex(RNG* rng, ecc_key* key, const ecc_set_type* dp)
return MP_OKAY if successful,
upon error all allocated memory will be freed
*/
int wc_ecc_make_key(RNG* rng, int keysize, ecc_key* key)
int wc_ecc_make_key(WC_RNG* rng, int keysize, ecc_key* key)
{
int x, err;
@@ -1835,7 +1835,7 @@ int wc_ecc_init(ecc_key* key)
return MP_OKAY if successful
*/
int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen,
RNG* rng, ecc_key* key)
WC_RNG* rng, ecc_key* key)
{
mp_int r;
mp_int s;
@@ -1870,7 +1870,7 @@ int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen,
s [out] The destination for s component of the signature
return MP_OKAY if successful
*/
int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, RNG* rng,
int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, WC_RNG* rng,
ecc_key* key, mp_int *r, mp_int *s)
{
mp_int e;
@@ -4331,7 +4331,9 @@ static int accel_fp_mul2add(int idx1, int idx2,
if ((err = mp_to_unsigned_bin(&tka, kb[0])) != MP_OKAY) {
mp_clear(&tka);
mp_clear(&tkb);
#ifdef WOLFSSL_SMALL_STACK
XFREE(kb[0], NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return err;
}
@@ -4832,7 +4834,7 @@ int wc_ecc_ctx_set_peer_salt(ecEncCtx* ctx, const byte* salt)
}
static int ecc_ctx_set_salt(ecEncCtx* ctx, int flags, RNG* rng)
static int ecc_ctx_set_salt(ecEncCtx* ctx, int flags, WC_RNG* rng)
{
byte* saltBuffer = NULL;
@@ -4864,7 +4866,7 @@ static void ecc_ctx_init(ecEncCtx* ctx, int flags)
/* allow ecc context reset so user doesn't have to init/free for resue */
int wc_ecc_ctx_reset(ecEncCtx* ctx, RNG* rng)
int wc_ecc_ctx_reset(ecEncCtx* ctx, WC_RNG* rng)
{
if (ctx == NULL || rng == NULL)
return BAD_FUNC_ARG;
@@ -4875,7 +4877,7 @@ int wc_ecc_ctx_reset(ecEncCtx* ctx, RNG* rng)
/* alloc/init and set defaults, return new Context */
ecEncCtx* wc_ecc_ctx_new(int flags, RNG* rng)
ecEncCtx* wc_ecc_ctx_new(int flags, WC_RNG* rng)
{
int ret = 0;
ecEncCtx* ctx = (ecEncCtx*)XMALLOC(sizeof(ecEncCtx), 0, DYNAMIC_TYPE_ECC);


@@ -32,6 +32,7 @@
#include <wolfssl/wolfcrypt/ed25519.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/hash.h>
#ifdef NO_INLINE
#include <wolfssl/wolfcrypt/misc.h>
#else
@@ -41,7 +42,7 @@
/* generate an ed25519 key pair.
* returns 0 on success
*/
int wc_ed25519_make_key(RNG* rng, int keySz, ed25519_key* key)
int wc_ed25519_make_key(WC_RNG* rng, int keySz, ed25519_key* key)
{
byte az[ED25519_PRV_KEY_SIZE];
int ret;
@@ -111,6 +112,8 @@ int wc_ed25519_sign_msg(const byte* in, word32 inlen, byte* out,
/* step 1: create nonce to use where nonce is r in
r = H(h_b, ... ,h_2b-1,M) */
ret = wc_Sha512Hash(key->k, ED25519_KEY_SIZE, az);
if (ret != 0)
return ret;
/* apply clamp */
az[0] &= 248;
@@ -377,6 +380,7 @@ int wc_ed25519_export_private_only(ed25519_key* key, byte* out, word32* outLen)
return 0;
}
/*
export private key, including public part
outLen should contain the size of out buffer when input. outLen is than set


@@ -328,6 +328,15 @@ const char* wc_GetErrorString(int error)
case ECC_PRIV_KEY_E:
return " ECC private key is not valid error";
case SRP_CALL_ORDER_E:
return "SRP function called in the wrong order error";
case SRP_VERIFY_E:
return "SRP proof verification error";
case SRP_BAD_KEY_E:
return "SRP bad key values error";
default:
return "unknown error number";


@@ -24,6 +24,8 @@
#endif
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/wolfcrypt/logging.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
#if !defined(WOLFSSL_TI_HASH)
@@ -55,8 +57,40 @@ int wc_ShaGetHash(Sha* sha, byte* hash)
WOLFSSL_API void wc_ShaRestorePos(Sha* s1, Sha* s2) {
*s1 = *s2 ;
}
int wc_ShaHash(const byte* data, word32 len, byte* hash)
{
int ret = 0;
#ifdef WOLFSSL_SMALL_STACK
Sha* sha;
#else
Sha sha[1];
#endif
#ifdef WOLFSSL_SMALL_STACK
sha = (Sha*)XMALLOC(sizeof(Sha), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (sha == NULL)
return MEMORY_E;
#endif
if ((ret = wc_InitSha(sha)) != 0) {
WOLFSSL_MSG("wc_InitSha failed");
}
else {
wc_ShaUpdate(sha, data, len);
wc_ShaFinal(sha, hash);
}
#ifdef WOLFSSL_SMALL_STACK
XFREE(sha, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
}
#endif /* !defined(NO_SHA) */
#if !defined(NO_SHA256)
int wc_Sha256GetHash(Sha256* sha256, byte* hash)
{
@@ -70,7 +104,109 @@ int wc_Sha256GetHash(Sha256* sha256, byte* hash)
WOLFSSL_API void wc_Sha256RestorePos(Sha256* s1, Sha256* s2) {
*s1 = *s2 ;
}
int wc_Sha256Hash(const byte* data, word32 len, byte* hash)
{
int ret = 0;
#ifdef WOLFSSL_SMALL_STACK
Sha256* sha256;
#else
Sha256 sha256[1];
#endif
#ifdef WOLFSSL_SMALL_STACK
sha256 = (Sha256*)XMALLOC(sizeof(Sha256), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (sha256 == NULL)
return MEMORY_E;
#endif
if ((ret = wc_InitSha256(sha256)) != 0) {
WOLFSSL_MSG("InitSha256 failed");
}
else if ((ret = wc_Sha256Update(sha256, data, len)) != 0) {
WOLFSSL_MSG("Sha256Update failed");
}
else if ((ret = wc_Sha256Final(sha256, hash)) != 0) {
WOLFSSL_MSG("Sha256Final failed");
}
#ifdef WOLFSSL_SMALL_STACK
XFREE(sha256, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
}
#endif /* !defined(NO_SHA256) */
#if defined(WOLFSSL_SHA512)
int wc_Sha512Hash(const byte* data, word32 len, byte* hash)
{
int ret = 0;
#ifdef WOLFSSL_SMALL_STACK
Sha512* sha512;
#else
Sha512 sha512[1];
#endif
#ifdef WOLFSSL_SMALL_STACK
sha512 = (Sha512*)XMALLOC(sizeof(Sha512), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (sha512 == NULL)
return MEMORY_E;
#endif
if ((ret = wc_InitSha512(sha512)) != 0) {
WOLFSSL_MSG("InitSha512 failed");
}
else if ((ret = wc_Sha512Update(sha512, data, len)) != 0) {
WOLFSSL_MSG("Sha512Update failed");
}
else if ((ret = wc_Sha512Final(sha512, hash)) != 0) {
WOLFSSL_MSG("Sha512Final failed");
}
#ifdef WOLFSSL_SMALL_STACK
XFREE(sha512, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
}
#if defined(WOLFSSL_SHA384)
int wc_Sha384Hash(const byte* data, word32 len, byte* hash)
{
int ret = 0;
#ifdef WOLFSSL_SMALL_STACK
Sha384* sha384;
#else
Sha384 sha384[1];
#endif
#ifdef WOLFSSL_SMALL_STACK
sha384 = (Sha384*)XMALLOC(sizeof(Sha384), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (sha384 == NULL)
return MEMORY_E;
#endif
if ((ret = wc_InitSha384(sha384)) != 0) {
WOLFSSL_MSG("InitSha384 failed");
}
else if ((ret = wc_Sha384Update(sha384, data, len)) != 0) {
WOLFSSL_MSG("Sha384Update failed");
}
else if ((ret = wc_Sha384Final(sha384, hash)) != 0) {
WOLFSSL_MSG("Sha384Final failed");
}
#ifdef WOLFSSL_SMALL_STACK
XFREE(sha384, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
}
#endif /* defined(WOLFSSL_SHA384) */
#endif /* defined(WOLFSSL_SHA512) */
#endif /* !defined(WOLFSSL_TI_HASH) */
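Review bot: wc_ShaHash discards the results of `wc_ShaUpdate` and `wc_ShaFinal`, so it returns 0 even when either step fails and `hash` may be left unwritten; the SHA-256, SHA-384 and SHA-512 wrappers in this same section chain every return value. The `else` branch should follow them: `else if ((ret = wc_ShaUpdate(sha, data, len)) != 0) { WOLFSSL_MSG("ShaUpdate failed"); }` and then the same form for `wc_ShaFinal`. Separately, all four wrappers free or abandon the hash context without clearing it, and the ed25519 change in this commit passes `key->k` to wc_Sha512Hash, so the context may still hold private-key bytes. If a wipe helper such as `ForceZero` is in scope in this file, clear the context before the `XFREE` and before returning in the stack case.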


@@ -876,4 +876,3 @@ int wc_HKDF(int type, const byte* inKey, word32 inKeySz,
#endif /* HAVE_FIPS */
#endif /* NO_HMAC */


@@ -47,7 +47,11 @@
#ifdef SHOW_GEN
#ifdef FREESCALE_MQX
#if MQX_USE_IO_OLD
#include <fio.h>
#else
#include <nio.h>
#endif
#else
#include <stdio.h>
#endif
@@ -4284,7 +4288,7 @@ static int mp_prime_is_divisible (mp_int * a, int *result)
static const int USE_BBS = 1;
int mp_rand_prime(mp_int* N, int len, RNG* rng, void* heap)
int mp_rand_prime(mp_int* N, int len, WC_RNG* rng, void* heap)
{
int err, res, type;
byte* buf;
@@ -4535,12 +4539,14 @@ LBL_U:mp_clear (&v);
#endif /* WOLFSSL_KEY_GEN */
#ifdef HAVE_ECC
#if defined(HAVE_ECC) || defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY)
/* chars used in radix conversions */
const char *mp_s_rmap = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ\
abcdefghijklmnopqrstuvwxyz+/";
#endif
#ifdef HAVE_ECC
/* read a string [ASCII] in a given radix */
int mp_read_radix (mp_int * a, const char *str, int radix)
{


@@ -90,7 +90,11 @@ void wolfSSL_Debugging_OFF(void)
#ifdef DEBUG_WOLFSSL
#ifdef FREESCALE_MQX
#if MQX_USE_IO_OLD
#include <fio.h>
#else
#include <nio.h>
#endif
#else
#include <stdio.h> /* for default printf stuff */
#endif


@@ -945,7 +945,7 @@ int wc_PKCS7_VerifySignedData(PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz)
/* create ASN.1 fomatted RecipientInfo structure, returns sequence size */
WOLFSSL_LOCAL int wc_CreateRecipientInfo(const byte* cert, word32 certSz,
int keyEncAlgo, int blockKeySz,
RNG* rng, byte* contentKeyPlain,
WC_RNG* rng, byte* contentKeyPlain,
byte* contentKeyEnc,
int* keyEncSz, byte* out, word32 outSz)
{
@@ -1178,7 +1178,7 @@ int wc_PKCS7_EncodeEnvelopedData(PKCS7* pkcs7, byte* output, word32 outputSz)
byte envDataSeq[MAX_SEQ_SZ];
byte ver[MAX_VERSION_SZ];
RNG rng;
WC_RNG rng;
int contentKeyEncSz, blockKeySz;
byte contentKeyPlain[MAX_CONTENT_KEY_LEN];
#ifdef WOLFSSL_SMALL_STACK


@@ -39,33 +39,33 @@ int wc_GenerateSeed(OS_Seed* os, byte* seed, word32 sz)
}
#ifdef HAVE_CAVIUM
int wc_InitRngCavium(RNG* rng, int i)
int wc_InitRngCavium(WC_RNG* rng, int i)
{
return InitRngCavium(rng, i);
}
#endif
int wc_InitRng(RNG* rng)
int wc_InitRng(WC_RNG* rng)
{
return InitRng_fips(rng);
}
int wc_RNG_GenerateBlock(RNG* rng, byte* b, word32 sz)
int wc_RNG_GenerateBlock(WC_RNG* rng, byte* b, word32 sz)
{
return RNG_GenerateBlock_fips(rng, b, sz);
}
int wc_RNG_GenerateByte(RNG* rng, byte* b)
int wc_RNG_GenerateByte(WC_RNG* rng, byte* b)
{
return RNG_GenerateByte(rng, b);
}
#if defined(HAVE_HASHDRBG) || defined(NO_RC4)
int wc_FreeRng(RNG* rng)
int wc_FreeRng(WC_RNG* rng)
{
return FreeRng_fips(rng);
}
@@ -434,7 +434,7 @@ static int Hash_DRBG_Uninstantiate(DRBG* drbg)
/* Get seed and key cipher */
int wc_InitRng(RNG* rng)
int wc_InitRng(WC_RNG* rng)
{
int ret = BAD_FUNC_ARG;
@@ -487,7 +487,7 @@ int wc_InitRng(RNG* rng)
/* place a generated block in output */
int wc_RNG_GenerateBlock(RNG* rng, byte* output, word32 sz)
int wc_RNG_GenerateBlock(WC_RNG* rng, byte* output, word32 sz)
{
int ret;
@@ -536,13 +536,13 @@ int wc_RNG_GenerateBlock(RNG* rng, byte* output, word32 sz)
}
int wc_RNG_GenerateByte(RNG* rng, byte* b)
int wc_RNG_GenerateByte(WC_RNG* rng, byte* b)
{
return wc_RNG_GenerateBlock(rng, b, 1);
}
int wc_FreeRng(RNG* rng)
int wc_FreeRng(WC_RNG* rng)
{
int ret = BAD_FUNC_ARG;
@@ -687,7 +687,7 @@ static int wc_RNG_HealthTestLocal(int reseed)
#else /* HAVE_HASHDRBG || NO_RC4 */
/* Get seed and key cipher */
int wc_InitRng(RNG* rng)
int wc_InitRng(WC_RNG* rng)
{
int ret;
#ifdef WOLFSSL_SMALL_STACK
@@ -736,11 +736,11 @@ int wc_InitRng(RNG* rng)
}
#ifdef HAVE_CAVIUM
static void CaviumRNG_GenerateBlock(RNG* rng, byte* output, word32 sz);
static void CaviumRNG_GenerateBlock(WC_RNG* rng, byte* output, word32 sz);
#endif
/* place a generated block in output */
int wc_RNG_GenerateBlock(RNG* rng, byte* output, word32 sz)
int wc_RNG_GenerateBlock(WC_RNG* rng, byte* output, word32 sz)
{
#ifdef HAVE_INTEL_RDGEN
if(IS_INTEL_RDRAND)
@@ -757,13 +757,13 @@ int wc_RNG_GenerateBlock(RNG* rng, byte* output, word32 sz)
}
int wc_RNG_GenerateByte(RNG* rng, byte* b)
int wc_RNG_GenerateByte(WC_RNG* rng, byte* b)
{
return wc_RNG_GenerateBlock(rng, b, 1);
}
int wc_FreeRng(RNG* rng)
int wc_FreeRng(WC_RNG* rng)
{
(void)rng;
return 0;
@@ -776,7 +776,7 @@ int wc_FreeRng(RNG* rng)
#include "cavium_common.h"
/* Initiliaze RNG for use with Nitrox device */
int wc_InitRngCavium(RNG* rng, int devId)
int wc_InitRngCavium(WC_RNG* rng, int devId)
{
if (rng == NULL)
return -1;
@@ -788,7 +788,7 @@ int wc_InitRngCavium(RNG* rng, int devId)
}
static void CaviumRNG_GenerateBlock(RNG* rng, byte* output, word32 sz)
static void CaviumRNG_GenerateBlock(WC_RNG* rng, byte* output, word32 sz)
{
wolfssl_word offset = 0;
word32 requestId;
@@ -1017,18 +1017,6 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
return 0;
}
#elif defined(MBED)
/* write a real one !!!, just for testing board */
int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
{
int i;
for (i = 0; i < sz; i++ )
output[i] = i;
return 0;
}
#elif defined(MICROCHIP_PIC32)
#ifdef MICROCHIP_MPLAB_HARMONY
@@ -1225,7 +1213,7 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
return 0;
}
#elif defined(WOLFSSL_LPC43xx) || defined(WOLFSSL_STM32F2xx)
#elif defined(WOLFSSL_LPC43xx) || defined(WOLFSSL_STM32F2xx) || defined(MBED)
#warning "write a real random seed!!!!, just for testing now"
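Review bot: Adding `defined(MBED)` to the `WOLFSSL_LPC43xx`/`WOLFSSL_STM32F2xx` branch keeps mbed builds on a seed source that the branch itself labels as test-only, and the only guard is a `#warning`, which is easy to miss in a build log. Every key, nonce and DRBG state that goes through wc_GenerateSeed on those targets is then only as strong as that seed; the branch body is outside the hunk, so its exact behaviour is not visible here. Consider failing the build unless the integrator opts in explicitly, for example `#ifndef PLACEHOLDER_TEST_SEED_OPT_IN` / `#error "no hardware seed source configured"` / `#endif`, where the macro name is a placeholder for whatever the project chooses. A comment on the branch stating that it must not ship in production firmware would also help.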


@@ -43,7 +43,7 @@ int wc_FreeRsaKey(RsaKey* key)
int wc_RsaPublicEncrypt(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key, RNG* rng)
word32 outLen, RsaKey* key, WC_RNG* rng)
{
return RsaPublicEncrypt_fips(in, inLen, out, outLen, key, rng);
}
@@ -64,7 +64,7 @@ int wc_RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out,
int wc_RsaSSL_Sign(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key, RNG* rng)
word32 outLen, RsaKey* key, WC_RNG* rng)
{
return RsaSSL_Sign_fips(in, inLen, out, outLen, key, rng);
}
@@ -96,7 +96,7 @@ int wc_RsaFlattenPublicKey(RsaKey* key, byte* a, word32* aSz, byte* b,
return RsaFlattenPublicKey(key, a, aSz, b, bSz);
}
#ifdef WOLFSSL_KEY_GEN
int wc_MakeRsaKey(RsaKey* key, int size, long e, RNG* rng)
int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
{
return MakeRsaKey(key, size, e, rng);
}
@@ -144,6 +144,22 @@ int wc_RsaFlattenPublicKey(RsaKey* key, byte* a, word32* aSz, byte* b,
word32 outLen, RsaKey* key);
#endif
enum {
RSA_PUBLIC_ENCRYPT = 0,
RSA_PUBLIC_DECRYPT = 1,
RSA_PRIVATE_ENCRYPT = 2,
RSA_PRIVATE_DECRYPT = 3,
RSA_BLOCK_TYPE_1 = 1,
RSA_BLOCK_TYPE_2 = 2,
RSA_MIN_SIZE = 512,
RSA_MAX_SIZE = 4096,
RSA_MIN_PAD_SZ = 11 /* seperator + 0 + pad value + 8 pads */
};
int wc_InitRsaKey(RsaKey* key, void* heap)
{
#ifdef HAVE_CAVIUM
@@ -203,7 +219,7 @@ int wc_FreeRsaKey(RsaKey* key)
}
static int wc_RsaPad(const byte* input, word32 inputLen, byte* pkcsBlock,
word32 pkcsBlockLen, byte padValue, RNG* rng)
word32 pkcsBlockLen, byte padValue, WC_RNG* rng)
{
if (inputLen == 0)
return 0;
@@ -375,7 +391,7 @@ done:
int wc_RsaPublicEncrypt(const byte* in, word32 inLen, byte* out, word32 outLen,
RsaKey* key, RNG* rng)
RsaKey* key, WC_RNG* rng)
{
int sz, ret;
@@ -521,7 +537,7 @@ int wc_RsaSSL_Verify(const byte* in, word32 inLen, byte* out, word32 outLen,
/* for Rsa Sign */
int wc_RsaSSL_Sign(const byte* in, word32 inLen, byte* out, word32 outLen,
RsaKey* key, RNG* rng)
RsaKey* key, WC_RNG* rng)
{
int sz, ret;
@@ -588,7 +604,7 @@ int wc_RsaFlattenPublicKey(RsaKey* key, byte* e, word32* eSz, byte* n,
#ifdef WOLFSSL_KEY_GEN
/* Make an RSA key for size bits, with e specified, 65537 is a good e */
int wc_MakeRsaKey(RsaKey* key, int size, long e, RNG* rng)
int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
{
mp_int p, q, tmp1, tmp2, tmp3;
int err;


@@ -57,11 +57,6 @@
return ShaFinal_fips(sha,out);
}
int wc_ShaHash(const byte* data, word32 sz, byte* out)
{
return ShaHash(data, sz, out);
}
#else /* else build without fips */
#if defined(WOLFSSL_TI_HASH)
@@ -421,36 +416,6 @@ int wc_ShaFinal(Sha* sha, byte* hash)
#endif /* STM32F2_HASH */
int wc_ShaHash(const byte* data, word32 len, byte* hash)
{
int ret = 0;
#ifdef WOLFSSL_SMALL_STACK
Sha* sha;
#else
Sha sha[1];
#endif
#ifdef WOLFSSL_SMALL_STACK
sha = (Sha*)XMALLOC(sizeof(Sha), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (sha == NULL)
return MEMORY_E;
#endif
if ((ret = wc_InitSha(sha)) != 0) {
WOLFSSL_MSG("wc_InitSha failed");
}
else {
wc_ShaUpdate(sha, data, len);
wc_ShaFinal(sha, hash);
}
#ifdef WOLFSSL_SMALL_STACK
XFREE(sha, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
}
#endif /* HAVE_FIPS */
#endif /* WOLFSSL_TI_HASH */


@@ -49,11 +49,6 @@ int wc_Sha256Final(Sha256* sha, byte* out)
}
int wc_Sha256Hash(const byte* data, word32 len, byte* out)
{
return Sha256Hash(data, len, out);
}
#else /* else build without fips */
#if !defined(NO_SHA256) && defined(WOLFSSL_TI_HASH)
@@ -545,37 +540,6 @@ int wc_Sha256Final(Sha256* sha256, byte* hash)
int wc_Sha256Hash(const byte* data, word32 len, byte* hash)
{
int ret = 0;
#ifdef WOLFSSL_SMALL_STACK
Sha256* sha256;
#else
Sha256 sha256[1];
#endif
#ifdef WOLFSSL_SMALL_STACK
sha256 = (Sha256*)XMALLOC(sizeof(Sha256), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (sha256 == NULL)
return MEMORY_E;
#endif
if ((ret = wc_InitSha256(sha256)) != 0) {
WOLFSSL_MSG("InitSha256 failed");
}
else if ((ret = wc_Sha256Update(sha256, data, len)) != 0) {
WOLFSSL_MSG("Sha256Update failed");
}
else if ((ret = wc_Sha256Final(sha256, hash)) != 0) {
WOLFSSL_MSG("Sha256Final failed");
}
#ifdef WOLFSSL_SMALL_STACK
XFREE(sha256, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
}
#if defined(HAVE_INTEL_AVX1) || defined(HAVE_INTEL_AVX2)


@@ -47,11 +47,6 @@ int wc_Sha512Final(Sha512* sha, byte* out)
}
int wc_Sha512Hash(const byte* data, word32 len, byte* out)
{
return Sha512Hash(data, len, out);
}
#if defined(WOLFSSL_SHA384) || defined(HAVE_AESGCM)
int wc_InitSha384(Sha384* sha)
@@ -72,10 +67,6 @@ int wc_Sha384Final(Sha384* sha, byte* out)
}
int wc_Sha384Hash(const byte* data, word32 len, byte* out)
{
return Sha384Hash(data, len, out);
}
#endif /* WOLFSSL_SHA384 */
#else /* else build without using fips */
#include <wolfssl/wolfcrypt/logging.h>
@@ -609,37 +600,6 @@ int wc_Sha512Final(Sha512* sha512, byte* hash)
}
int wc_Sha512Hash(const byte* data, word32 len, byte* hash)
{
int ret = 0;
#ifdef WOLFSSL_SMALL_STACK
Sha512* sha512;
#else
Sha512 sha512[1];
#endif
#ifdef WOLFSSL_SMALL_STACK
sha512 = (Sha512*)XMALLOC(sizeof(Sha512), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (sha512 == NULL)
return MEMORY_E;
#endif
if ((ret = wc_InitSha512(sha512)) != 0) {
WOLFSSL_MSG("InitSha512 failed");
}
else if ((ret = wc_Sha512Update(sha512, data, len)) != 0) {
WOLFSSL_MSG("Sha512Update failed");
}
else if ((ret = wc_Sha512Final(sha512, hash)) != 0) {
WOLFSSL_MSG("Sha512Final failed");
}
#ifdef WOLFSSL_SMALL_STACK
XFREE(sha512, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
}
#if defined(HAVE_INTEL_AVX1)
@@ -1563,37 +1523,6 @@ int wc_Sha384Final(Sha384* sha384, byte* hash)
}
int wc_Sha384Hash(const byte* data, word32 len, byte* hash)
{
int ret = 0;
#ifdef WOLFSSL_SMALL_STACK
Sha384* sha384;
#else
Sha384 sha384[1];
#endif
#ifdef WOLFSSL_SMALL_STACK
sha384 = (Sha384*)XMALLOC(sizeof(Sha384), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (sha384 == NULL)
return MEMORY_E;
#endif
if ((ret = wc_InitSha384(sha384)) != 0) {
WOLFSSL_MSG("InitSha384 failed");
}
else if ((ret = wc_Sha384Update(sha384, data, len)) != 0) {
WOLFSSL_MSG("Sha384Update failed");
}
else if ((ret = wc_Sha384Final(sha384, hash)) != 0) {
WOLFSSL_MSG("Sha384Final failed");
}
#ifdef WOLFSSL_SMALL_STACK
XFREE(sha384, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
}
#if defined(HAVE_INTEL_AVX1)

677
wolfcrypt/src/srp.c Normal file

@@ -0,0 +1,677 @@
/* srp.c
*
* Copyright (C) 2006-2015 wolfSSL Inc.
*
* This file is part of wolfSSL. (formerly known as CyaSSL)
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <wolfssl/wolfcrypt/settings.h>
#ifdef WOLFCRYPT_HAVE_SRP
#include <wolfssl/wolfcrypt/srp.h>
#include <wolfssl/wolfcrypt/random.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
#ifdef NO_INLINE
#include <wolfssl/wolfcrypt/misc.h>
#else
#include <wolfcrypt/src/misc.c>
#endif
/** Computes the session key using the Mask Generation Function 1. */
static int wc_SrpSetKey(Srp* srp, byte* secret, word32 size);
static int SrpHashInit(SrpHash* hash, SrpType type)
{
hash->type = type;
switch (type) {
#ifndef NO_SHA
case SRP_TYPE_SHA:
return wc_InitSha(&hash->data.sha);
#endif
#ifndef NO_SHA256
case SRP_TYPE_SHA256:
return wc_InitSha256(&hash->data.sha256);
#endif
#ifdef WOLFSSL_SHA384
case SRP_TYPE_SHA384:
return wc_InitSha384(&hash->data.sha384);
#endif
#ifdef WOLFSSL_SHA512
case SRP_TYPE_SHA512:
return wc_InitSha512(&hash->data.sha512);
#endif
default:
return BAD_FUNC_ARG;
}
}
static int SrpHashUpdate(SrpHash* hash, const byte* data, word32 size)
{
switch (hash->type) {
#ifndef NO_SHA
case SRP_TYPE_SHA:
return wc_ShaUpdate(&hash->data.sha, data, size);
#endif
#ifndef NO_SHA256
case SRP_TYPE_SHA256:
return wc_Sha256Update(&hash->data.sha256, data, size);
#endif
#ifdef WOLFSSL_SHA384
case SRP_TYPE_SHA384:
return wc_Sha384Update(&hash->data.sha384, data, size);
#endif
#ifdef WOLFSSL_SHA512
case SRP_TYPE_SHA512:
return wc_Sha512Update(&hash->data.sha512, data, size);
#endif
default:
return BAD_FUNC_ARG;
}
}
static int SrpHashFinal(SrpHash* hash, byte* digest)
{
switch (hash->type) {
#ifndef NO_SHA
case SRP_TYPE_SHA:
return wc_ShaFinal(&hash->data.sha, digest);
#endif
#ifndef NO_SHA256
case SRP_TYPE_SHA256:
return wc_Sha256Final(&hash->data.sha256, digest);
#endif
#ifdef WOLFSSL_SHA384
case SRP_TYPE_SHA384:
return wc_Sha384Final(&hash->data.sha384, digest);
#endif
#ifdef WOLFSSL_SHA512
case SRP_TYPE_SHA512:
return wc_Sha512Final(&hash->data.sha512, digest);
#endif
default:
return BAD_FUNC_ARG;
}
}
static word32 SrpHashSize(SrpType type)
{
switch (type) {
#ifndef NO_SHA
case SRP_TYPE_SHA:
return SHA_DIGEST_SIZE;
#endif
#ifndef NO_SHA256
case SRP_TYPE_SHA256:
return SHA256_DIGEST_SIZE;
#endif
#ifdef WOLFSSL_SHA384
case SRP_TYPE_SHA384:
return SHA384_DIGEST_SIZE;
#endif
#ifdef WOLFSSL_SHA512
case SRP_TYPE_SHA512:
return SHA512_DIGEST_SIZE;
#endif
default:
return 0;
}
}
int wc_SrpInit(Srp* srp, SrpType type, SrpSide side)
{
int r;
/* validating params */
if (!srp)
return BAD_FUNC_ARG;
if (side != SRP_CLIENT_SIDE && side != SRP_SERVER_SIDE)
return BAD_FUNC_ARG;
if (type != SRP_TYPE_SHA && type != SRP_TYPE_SHA256 &&
type != SRP_TYPE_SHA384 && type != SRP_TYPE_SHA512)
return BAD_FUNC_ARG;
/* initializing variables */
XMEMSET(srp, 0, sizeof(Srp));
if ((r = SrpHashInit(&srp->client_proof, type)) != 0)
return r;
if ((r = SrpHashInit(&srp->server_proof, type)) != 0)
return r;
if ((r = mp_init_multi(&srp->N, &srp->g, &srp->auth,
&srp->priv, 0, 0)) != 0)
return r;
srp->side = side; srp->type = type;
srp->salt = NULL; srp->saltSz = 0;
srp->user = NULL; srp->userSz = 0;
srp->key = NULL; srp->keySz = 0;
srp->keyGenFunc_cb = wc_SrpSetKey;
return 0;
}
void wc_SrpTerm(Srp* srp)
{
if (srp) {
mp_clear(&srp->N); mp_clear(&srp->g);
mp_clear(&srp->auth); mp_clear(&srp->priv);
ForceZero(srp->salt, srp->saltSz);
XFREE(srp->salt, NULL, DYNAMIC_TYPE_SRP);
ForceZero(srp->user, srp->userSz);
XFREE(srp->user, NULL, DYNAMIC_TYPE_SRP);
ForceZero(srp->key, srp->keySz);
XFREE(srp->key, NULL, DYNAMIC_TYPE_SRP);
ForceZero(srp, sizeof(Srp));
}
}
int wc_SrpSetUsername(Srp* srp, const byte* username, word32 size)
{
if (!srp || !username)
return BAD_FUNC_ARG;
srp->user = (byte*)XMALLOC(size, NULL, DYNAMIC_TYPE_SRP);
if (srp->user == NULL)
return MEMORY_E;
srp->userSz = size;
XMEMCPY(srp->user, username, srp->userSz);
return 0;
}
int wc_SrpSetParams(Srp* srp, const byte* N, word32 nSz,
const byte* g, word32 gSz,
const byte* salt, word32 saltSz)
{
SrpHash hash;
byte digest1[SRP_MAX_DIGEST_SIZE];
byte digest2[SRP_MAX_DIGEST_SIZE];
byte pad = 0;
int i, j, r;
if (!srp || !N || !g || !salt || nSz < gSz)
return BAD_FUNC_ARG;
if (!srp->user)
return SRP_CALL_ORDER_E;
/* Set N */
if (mp_read_unsigned_bin(&srp->N, N, nSz) != MP_OKAY)
return MP_READ_E;
if (mp_count_bits(&srp->N) < SRP_DEFAULT_MIN_BITS)
return BAD_FUNC_ARG;
/* Set g */
if (mp_read_unsigned_bin(&srp->g, g, gSz) != MP_OKAY)
return MP_READ_E;
if (mp_cmp(&srp->N, &srp->g) != MP_GT)
return BAD_FUNC_ARG;
/* Set salt */
if (srp->salt) {
ForceZero(srp->salt, srp->saltSz);
XFREE(srp->salt, NULL, DYNAMIC_TYPE_SRP);
}
srp->salt = (byte*)XMALLOC(saltSz, NULL, DYNAMIC_TYPE_SRP);
if (srp->salt == NULL)
return MEMORY_E;
XMEMCPY(srp->salt, salt, saltSz);
srp->saltSz = saltSz;
/* Set k = H(N, g) */
r = SrpHashInit(&hash, srp->type);
if (!r) r = SrpHashUpdate(&hash, (byte*) N, nSz);
for (i = 0; (word32)i < nSz - gSz; i++)
SrpHashUpdate(&hash, &pad, 1);
if (!r) r = SrpHashUpdate(&hash, (byte*) g, gSz);
if (!r) r = SrpHashFinal(&hash, srp->k);
/* update client proof */
/* digest1 = H(N) */
if (!r) r = SrpHashInit(&hash, srp->type);
if (!r) r = SrpHashUpdate(&hash, (byte*) N, nSz);
if (!r) r = SrpHashFinal(&hash, digest1);
/* digest2 = H(g) */
if (!r) r = SrpHashInit(&hash, srp->type);
if (!r) r = SrpHashUpdate(&hash, (byte*) g, gSz);
if (!r) r = SrpHashFinal(&hash, digest2);
/* digest1 = H(N) ^ H(g) */
if (r == 0) {
for (i = 0, j = SrpHashSize(srp->type); i < j; i++)
digest1[i] ^= digest2[i];
}
/* digest2 = H(user) */
if (!r) r = SrpHashInit(&hash, srp->type);
if (!r) r = SrpHashUpdate(&hash, srp->user, srp->userSz);
if (!r) r = SrpHashFinal(&hash, digest2);
/* client proof = H( H(N) ^ H(g) | H(user) | salt) */
if (!r) r = SrpHashUpdate(&srp->client_proof, digest1, j);
if (!r) r = SrpHashUpdate(&srp->client_proof, digest2, j);
if (!r) r = SrpHashUpdate(&srp->client_proof, salt, saltSz);
return r;
}
int wc_SrpSetPassword(Srp* srp, const byte* password, word32 size)
{
SrpHash hash;
byte digest[SRP_MAX_DIGEST_SIZE];
word32 digestSz;
int r;
if (!srp || !password || srp->side != SRP_CLIENT_SIDE)
return BAD_FUNC_ARG;
if (!srp->salt)
return SRP_CALL_ORDER_E;
digestSz = SrpHashSize(srp->type);
/* digest = H(username | ':' | password) */
r = SrpHashInit(&hash, srp->type);
if (!r) r = SrpHashUpdate(&hash, srp->user, srp->userSz);
if (!r) r = SrpHashUpdate(&hash, (const byte*) ":", 1);
if (!r) r = SrpHashUpdate(&hash, password, size);
if (!r) r = SrpHashFinal(&hash, digest);
/* digest = H(salt | H(username | ':' | password)) */
if (!r) r = SrpHashInit(&hash, srp->type);
if (!r) r = SrpHashUpdate(&hash, srp->salt, srp->saltSz);
if (!r) r = SrpHashUpdate(&hash, digest, digestSz);
if (!r) r = SrpHashFinal(&hash, digest);
/* Set x (private key) */
if (!r) r = mp_read_unsigned_bin(&srp->auth, digest, digestSz);
ForceZero(digest, SRP_MAX_DIGEST_SIZE);
return r;
}
int wc_SrpGetVerifier(Srp* srp, byte* verifier, word32* size)
{
mp_int v;
int r;
if (!srp || !verifier || !size || srp->side != SRP_CLIENT_SIDE)
return BAD_FUNC_ARG;
if (mp_iszero(&srp->auth))
return SRP_CALL_ORDER_E;
r = mp_init(&v);
if (r != MP_OKAY)
return MP_INIT_E;
/* v = g ^ x % N */
if (!r) r = mp_exptmod(&srp->g, &srp->auth, &srp->N, &v);
if (!r) r = *size < (word32)mp_unsigned_bin_size(&v) ? BUFFER_E : MP_OKAY;
if (!r) r = mp_to_unsigned_bin(&v, verifier);
if (!r) *size = mp_unsigned_bin_size(&v);
mp_clear(&v);
return r;
}
int wc_SrpSetVerifier(Srp* srp, const byte* verifier, word32 size)
{
if (!srp || !verifier || srp->side != SRP_SERVER_SIDE)
return BAD_FUNC_ARG;
return mp_read_unsigned_bin(&srp->auth, verifier, size);
}
int wc_SrpSetPrivate(Srp* srp, const byte* private, word32 size)
{
mp_int p;
int r;
if (!srp || !private || !size)
return BAD_FUNC_ARG;
if (mp_iszero(&srp->auth))
return SRP_CALL_ORDER_E;
r = mp_init(&p);
if (r != MP_OKAY)
return MP_INIT_E;
if (!r) r = mp_read_unsigned_bin(&p, private, size);
if (!r) r = mp_mod(&p, &srp->N, &srp->priv);
if (!r) r = mp_iszero(&srp->priv) ? SRP_BAD_KEY_E : 0;
mp_clear(&p);
return r;
}
/** Generates random data using wolfcrypt RNG. */
static int wc_SrpGenPrivate(Srp* srp, byte* private, word32 size)
{
WC_RNG rng;
int r = wc_InitRng(&rng);
if (!r) r = wc_RNG_GenerateBlock(&rng, private, size);
if (!r) r = wc_SrpSetPrivate(srp, private, size);
if (!r) wc_FreeRng(&rng);
return r;
}
int wc_SrpGetPublic(Srp* srp, byte* public, word32* size)
{
mp_int pubkey;
word32 modulusSz;
int r;
if (!srp || !public || !size)
return BAD_FUNC_ARG;
if (mp_iszero(&srp->auth))
return SRP_CALL_ORDER_E;
modulusSz = mp_unsigned_bin_size(&srp->N);
if (*size < modulusSz)
return BUFFER_E;
r = mp_init(&pubkey);
if (r != MP_OKAY)
return MP_INIT_E;
/* priv = random() */
if (mp_iszero(&srp->priv))
r = wc_SrpGenPrivate(srp, public, modulusSz);
/* client side: A = g ^ a % N */
if (srp->side == SRP_CLIENT_SIDE) {
if (!r) r = mp_exptmod(&srp->g, &srp->priv, &srp->N, &pubkey);
/* server side: B = (k * v + (g ^ b % N)) % N */
} else {
mp_int i, j;
if (mp_init_multi(&i, &j, 0, 0, 0, 0) == MP_OKAY) {
if (!r) r = mp_read_unsigned_bin(&i, srp->k,SrpHashSize(srp->type));
if (!r) r = mp_iszero(&i) ? SRP_BAD_KEY_E : 0;
if (!r) r = mp_exptmod(&srp->g, &srp->priv, &srp->N, &pubkey);
if (!r) r = mp_mulmod(&i, &srp->auth, &srp->N, &j);
if (!r) r = mp_add(&j, &pubkey, &i);
if (!r) r = mp_mod(&i, &srp->N, &pubkey);
mp_clear(&i); mp_clear(&j);
}
}
/* extract public key to buffer */
XMEMSET(public, 0, modulusSz);
if (!r) r = mp_to_unsigned_bin(&pubkey, public);
if (!r) *size = mp_unsigned_bin_size(&pubkey);
mp_clear(&pubkey);
return r;
}
static int wc_SrpSetKey(Srp* srp, byte* secret, word32 size)
{
SrpHash hash;
byte digest[SRP_MAX_DIGEST_SIZE];
word32 i, j, digestSz = SrpHashSize(srp->type);
byte counter[4];
int r = BAD_FUNC_ARG;
srp->key = (byte*)XMALLOC(2 * digestSz, NULL, DYNAMIC_TYPE_SRP);
if (srp->key == NULL)
return MEMORY_E;
srp->keySz = 2 * digestSz;
for (i = j = 0; j < srp->keySz; i++) {
counter[0] = (i >> 24) & 0xFF;
counter[1] = (i >> 16) & 0xFF;
counter[2] = (i >> 8) & 0xFF;
counter[3] = i & 0xFF;
r = SrpHashInit(&hash, srp->type);
if (!r) r = SrpHashUpdate(&hash, secret, size);
if (!r) r = SrpHashUpdate(&hash, counter, 4);
if(j + digestSz > srp->keySz) {
if (!r) r = SrpHashFinal(&hash, digest);
XMEMCPY(srp->key + j, digest, srp->keySz - j);
j = srp->keySz;
}
else {
if (!r) r = SrpHashFinal(&hash, srp->key + j);
j += digestSz;
}
}
ForceZero(digest, sizeof(digest));
ForceZero(&hash, sizeof(SrpHash));
return r;
}
int wc_SrpComputeKey(Srp* srp, byte* clientPubKey, word32 clientPubKeySz,
byte* serverPubKey, word32 serverPubKeySz)
{
SrpHash hash;
byte *secret;
byte digest[SRP_MAX_DIGEST_SIZE];
word32 i, secretSz, digestSz;
mp_int u, s, temp1, temp2;
byte pad = 0;
int r;
/* validating params */
if (!srp || !clientPubKey || clientPubKeySz == 0
|| !serverPubKey || serverPubKeySz == 0)
return BAD_FUNC_ARG;
if (mp_iszero(&srp->priv))
return SRP_CALL_ORDER_E;
/* initializing variables */
if ((r = SrpHashInit(&hash, srp->type)) != 0)
return r;
digestSz = SrpHashSize(srp->type);
secretSz = mp_unsigned_bin_size(&srp->N);
if ((secret = (byte*)XMALLOC(secretSz, NULL, DYNAMIC_TYPE_SRP)) == NULL)
return MEMORY_E;
if ((r = mp_init_multi(&u, &s, &temp1, &temp2, 0, 0)) != MP_OKAY) {
XFREE(secret, NULL, DYNAMIC_TYPE_SRP);
return r;
}
/* building u (random scrambling parameeter) */
/* H(A) */
for (i = 0; !r && i < secretSz - clientPubKeySz; i++)
r = SrpHashUpdate(&hash, &pad, 1);
if (!r) r = SrpHashUpdate(&hash, clientPubKey, clientPubKeySz);
/* H(A | B) */
for (i = 0; !r && i < secretSz - serverPubKeySz; i++)
r = SrpHashUpdate(&hash, &pad, 1);
if (!r) r = SrpHashUpdate(&hash, serverPubKey, serverPubKeySz);
/* set u */
if (!r) r = SrpHashFinal(&hash, digest);
if (!r) r = mp_read_unsigned_bin(&u, digest, SrpHashSize(srp->type));
/* building s (secret) */
if (!r && srp->side == SRP_CLIENT_SIDE) {
/* temp1 = B - k * v; rejects k == 0, B == 0 and B >= N. */
r = mp_read_unsigned_bin(&temp1, srp->k, digestSz);
if (!r) r = mp_iszero(&temp1) ? SRP_BAD_KEY_E : 0;
if (!r) r = mp_exptmod(&srp->g, &srp->auth, &srp->N, &temp2);
if (!r) r = mp_mulmod(&temp1, &temp2, &srp->N, &s);
if (!r) r = mp_read_unsigned_bin(&temp2, serverPubKey, serverPubKeySz);
if (!r) r = mp_iszero(&temp2) ? SRP_BAD_KEY_E : 0;
if (!r) r = mp_cmp(&temp2, &srp->N) != MP_LT ? SRP_BAD_KEY_E : 0;
if (!r) r = mp_sub(&temp2, &s, &temp1);
/* temp2 = a + u * x */
if (!r) r = mp_mulmod(&u, &srp->auth, &srp->N, &s);
if (!r) r = mp_add(&srp->priv, &s, &temp2);
/* secret = temp1 ^ temp2 % N */
if (!r) r = mp_exptmod(&temp1, &temp2, &srp->N, &s);
} else if (!r && srp->side == SRP_SERVER_SIDE) {
/* temp1 = v ^ u % N */
r = mp_exptmod(&srp->auth, &u, &srp->N, &temp1);
/* temp2 = A * temp1 % N; rejects A == 0, A >= N */
if (!r) r = mp_read_unsigned_bin(&s, clientPubKey, clientPubKeySz);
if (!r) r = mp_iszero(&s) ? SRP_BAD_KEY_E : 0;
if (!r) r = mp_cmp(&s, &srp->N) != MP_LT ? SRP_BAD_KEY_E : 0;
if (!r) r = mp_mulmod(&s, &temp1, &srp->N, &temp2);
/* rejects A * v ^ u % N >= 1, A * v ^ u % N == -1 % N */
if (!r) r = mp_read_unsigned_bin(&temp1, (const byte*)"\001", 1);
if (!r) r = mp_cmp(&temp2, &temp1) != MP_GT ? SRP_BAD_KEY_E : 0;
if (!r) r = mp_sub(&srp->N, &temp1, &s);
if (!r) r = mp_cmp(&temp2, &s) == MP_EQ ? SRP_BAD_KEY_E : 0;
/* secret = temp2 * b % N */
if (!r) r = mp_exptmod(&temp2, &srp->priv, &srp->N, &s);
}
/* building session key from secret */
if (!r) r = mp_to_unsigned_bin(&s, secret);
if (!r) r = srp->keyGenFunc_cb(srp, secret, mp_unsigned_bin_size(&s));
/* updating client proof = H( H(N) ^ H(g) | H(user) | salt | A | B | K) */
if (!r) r = SrpHashUpdate(&srp->client_proof, clientPubKey, clientPubKeySz);
if (!r) r = SrpHashUpdate(&srp->client_proof, serverPubKey, serverPubKeySz);
if (!r) r = SrpHashUpdate(&srp->client_proof, srp->key, srp->keySz);
/* updating server proof = H(A) */
if (!r) r = SrpHashUpdate(&srp->server_proof, clientPubKey, clientPubKeySz);
XFREE(secret, NULL, DYNAMIC_TYPE_SRP);
mp_clear(&u); mp_clear(&s); mp_clear(&temp1); mp_clear(&temp2);
return r;
}
int wc_SrpGetProof(Srp* srp, byte* proof, word32* size)
{
int r;
if (!srp || !proof || !size)
return BAD_FUNC_ARG;
if (*size < SrpHashSize(srp->type))
return BUFFER_E;
if ((r = SrpHashFinal(srp->side == SRP_CLIENT_SIDE
? &srp->client_proof
: &srp->server_proof, proof)) != 0)
return r;
*size = SrpHashSize(srp->type);
if (srp->side == SRP_CLIENT_SIDE) {
/* server proof = H( A | client proof | K) */
if (!r) r = SrpHashUpdate(&srp->server_proof, proof, *size);
if (!r) r = SrpHashUpdate(&srp->server_proof, srp->key, srp->keySz);
}
return r;
}
int wc_SrpVerifyPeersProof(Srp* srp, byte* proof, word32 size)
{
byte digest[SRP_MAX_DIGEST_SIZE];
int r;
if (!srp || !proof)
return BAD_FUNC_ARG;
if (size != SrpHashSize(srp->type))
return BUFFER_E;
r = SrpHashFinal(srp->side == SRP_CLIENT_SIDE ? &srp->server_proof
: &srp->client_proof, digest);
if (srp->side == SRP_SERVER_SIDE) {
/* server proof = H( A | client proof | K) */
if (!r) r = SrpHashUpdate(&srp->server_proof, proof, size);
if (!r) r = SrpHashUpdate(&srp->server_proof, srp->key, srp->keySz);
}
if (!r && XMEMCMP(proof, digest, size) != 0)
r = SRP_VERIFY_E;
return r;
}
#endif /* WOLFCRYPT_HAVE_SRP */
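Review bot: In wc_SrpComputeKey the two padding loops run to `secretSz - clientPubKeySz` and `secretSz - serverPubKeySz` in `word32`, so a peer key longer than N wraps the bound and the loop hashes pad bytes for roughly 2^32 iterations before the later `mp_cmp` range check is reached; wc_SrpSetParams already guards its own loop with `nSz < gSz`. Reject oversized keys right after `secretSz` is computed: `if (clientPubKeySz > secretSz || serverPubKeySz > secretSz) return BAD_FUNC_ARG;`. The same function frees `secret`, which holds the shared secret, without wiping it, so add `ForceZero(secret, secretSz);` before the `XFREE`, as wc_SrpTerm does for its buffers. Two smaller points: wc_SrpVerifyPeersProof compares the proof with `XMEMCMP`, which is not constant-time, and wc_SrpGenPrivate calls `wc_FreeRng` only when `r` is 0, so the RNG is not released on its failure paths. The comment `rejects A * v ^ u % N >= 1` also contradicts the code, which rejects values less than or equal to 1.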


@@ -2264,6 +2264,7 @@ static const int lnz[16] = {
4, 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0
};
#ifdef WOLFSSL_KEY_GEN
/* swap the elements of two integers, for cases where you can't simply swap the
* mp_int pointers around
*/
@@ -2275,6 +2276,7 @@ static void fp_exch (fp_int * a, fp_int * b)
*a = *b;
*b = t;
}
#endif
/* Counts the number of lsbs which are zero before the first zero bit */
int fp_cnt_lsb(fp_int *a)
@@ -2410,7 +2412,7 @@ int mp_mod_d(fp_int *a, fp_digit b, fp_digit *c)
void fp_gcd(fp_int *a, fp_int *b, fp_int *c);
void fp_lcm(fp_int *a, fp_int *b, fp_int *c);
int fp_isprime(fp_int *a);
int fp_randprime(fp_int* N, int len, RNG* rng, void* heap);
int fp_randprime(fp_int* N, int len, WC_RNG* rng, void* heap);
int mp_gcd(fp_int *a, fp_int *b, fp_int *c)
{
@@ -2433,7 +2435,7 @@ int mp_prime_is_prime(mp_int* a, int t, int* result)
return MP_OKAY;
}
int mp_rand_prime(mp_int* N, int len, RNG* rng, void* heap)
int mp_rand_prime(mp_int* N, int len, WC_RNG* rng, void* heap)
{
int err;
@@ -2587,7 +2589,7 @@ int fp_isprime(fp_int *a)
return FP_YES;
}
int fp_randprime(fp_int* N, int len, RNG* rng, void* heap)
int fp_randprime(fp_int* N, int len, WC_RNG* rng, void* heap)
{
static const int USE_BBS = 1;
int err, type;
@@ -2724,12 +2726,14 @@ int mp_add_d(fp_int *a, fp_digit b, fp_int *c)
#endif /* HAVE_ECC || !NO_PWDBASED */
#ifdef HAVE_ECC
#if defined(HAVE_ECC) || defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY)
/* chars used in radix conversions */
static const char *fp_s_rmap = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ\
abcdefghijklmnopqrstuvwxyz+/";
#endif
#ifdef HAVE_ECC
static int fp_read_radix(fp_int *a, const char *str, int radix)
{
int y, neg;
@@ -2842,6 +2846,7 @@ int mp_cnt_lsb(fp_int* a)
#endif /* HAVE_COMP_KEY */
#endif /* HAVE_ECC */
#if defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY)
@@ -2953,7 +2958,5 @@ int mp_toradix (mp_int *a, char *str, int radix)
#endif /* defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) */
#endif /* HAVE_ECC */
#endif /* USE_FAST_MATH */

201
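--- a/wolfcrypt/src/wc_encrypt.c
+++ b/wolfcrypt/src/wc_encrypt.c
@@ -0,0 +1,201 @@
+/* wc_encrypt.c
+*
+* Copyright (C) 2006-2015 wolfSSL Inc.
+*
+* This file is part of wolfSSL. (formerly known as CyaSSL)
+*
+* wolfSSL is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 2 of the License, or
+* (at your option) any later version.
+*
+* wolfSSL is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program; if not, write to the Free Software
+* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+*/
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/aes.h>
+#include <wolfssl/wolfcrypt/des3.h>
+#include <wolfssl/wolfcrypt/wc_encrypt.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
+#ifndef NO_AES
+int wc_AesCbcDecryptWithKey(byte* out, const byte* in, word32 inSz,
+const byte* key, word32 keySz, const byte* iv)
+{
+int ret = 0;
+#ifdef WOLFSSL_SMALL_STACK
+Aes* aes = NULL;
+#else
+Aes aes[1];
+#endif
+#ifdef WOLFSSL_SMALL_STACK
+aes = (Aes*)XMALLOC(sizeof(Aes), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+if (aes == NULL)
+return MEMORY_E;
+#endif
+ret = wc_AesSetKey(aes, key, keySz, iv, AES_DECRYPTION);
+if (ret == 0)
+ret = wc_AesCbcDecrypt(aes, out, in, inSz);
+#ifdef WOLFSSL_SMALL_STACK
+XFREE(aes, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+return ret;
+}
+int wc_AesCbcEncryptWithKey(byte* out, const byte* in, word32 inSz,
+const byte* key, word32 keySz, const byte* iv)
+{
+int ret = 0;
+#ifdef WOLFSSL_SMALL_STACK
+Aes* aes = NULL;
+#else
+Aes aes[1];
+#endif
+#ifdef WOLFSSL_SMALL_STACK
+aes = (Aes*)XMALLOC(sizeof(Aes), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+if (aes == NULL)
+return MEMORY_E;
+#endif
+ret = wc_AesSetKey(aes, key, keySz, iv, AES_ENCRYPTION);
+if (ret == 0)
+ret = wc_AesCbcEncrypt(aes, out, in, inSz);
+#ifdef WOLFSSL_SMALL_STACK
+XFREE(aes, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+return ret;
+}
+#endif /* !NO_AES */
+#ifndef NO_DES3
+int wc_Des_CbcEncryptWithKey(byte* out, const byte* in, word32 sz,
+const byte* key, const byte* iv)
+{
+int ret = 0;
+#ifdef WOLFSSL_SMALL_STACK
+Des* des = NULL;
+#else
+Des des[1];
+#endif
+#ifdef WOLFSSL_SMALL_STACK
+des = (Des*)XMALLOC(sizeof(Des), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+if (des == NULL)
+return MEMORY_E;
+#endif
+ret = wc_Des_SetKey(des, key, iv, DES_ENCRYPTION);
+if (ret == 0)
+ret = wc_Des_CbcEncrypt(des, out, in, sz);
+#ifdef WOLFSSL_SMALL_STACK
+XFREE(des, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+return ret;
+}
+int wc_Des_CbcDecryptWithKey(byte* out, const byte* in, word32 sz,
+const byte* key, const byte* iv)
+{
+int ret = 0;
+#ifdef WOLFSSL_SMALL_STACK
+Des* des = NULL;
+#else
+Des des[1];
+#endif
+#ifdef WOLFSSL_SMALL_STACK
+des = (Des*)XMALLOC(sizeof(Des), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+if (des == NULL)
+return MEMORY_E;
+#endif
+ret = wc_Des_SetKey(des, key, iv, DES_DECRYPTION);
+if (ret == 0)
+ret = wc_Des_CbcDecrypt(des, out, in, sz);
+#ifdef WOLFSSL_SMALL_STACK
+XFREE(des, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+return ret;
+}
+int wc_Des3_CbcEncryptWithKey(byte* out, const byte* in, word32 sz,
+const byte* key, const byte* iv)
+{
+int ret = 0;
+#ifdef WOLFSSL_SMALL_STACK
+Des3* des3 = NULL;
+#else
+Des3 des3[1];
+#endif
+#ifdef WOLFSSL_SMALL_STACK
+des3 = (Des3*)XMALLOC(sizeof(Des3), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+if (des3 == NULL)
+return MEMORY_E;
+#endif
+ret = wc_Des3_SetKey(des3, key, iv, DES_ENCRYPTION);
+if (ret == 0)
+ret = wc_Des3_CbcEncrypt(des3, out, in, sz);
+#ifdef WOLFSSL_SMALL_STACK
+XFREE(des3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+return ret;
+}
+int wc_Des3_CbcDecryptWithKey(byte* out, const byte* in, word32 sz,
+const byte* key, const byte* iv)
+{
+int ret = 0;
+#ifdef WOLFSSL_SMALL_STACK
+Des3* des3 = NULL;
+#else
+Des3 des3[1];
+#endif
+#ifdef WOLFSSL_SMALL_STACK
+des3 = (Des3*)XMALLOC(sizeof(Des3), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+if (des3 == NULL)
+return MEMORY_E;
+#endif
+ret = wc_Des3_SetKey(des3, key, iv, DES_DECRYPTION);
+if (ret == 0)
+ret = wc_Des3_CbcDecrypt(des3, out, in, sz);
+#ifdef WOLFSSL_SMALL_STACK
+XFREE(des3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+return ret;
+}
+#endif /* !NO_DES3 */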
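Review bot: Each of these one-shot helpers leaves the expanded key schedule behind: `aes`, `des` and `des3` are released with `XFREE` (or simply go out of scope in the non-small-stack build) without being cleared, so key-derived material stays in freed heap or stack memory after the call returns. Wiping the context on every exit path would close that, for example `ForceZero(aes, sizeof(Aes));` just before the `XFREE` in `wc_AesCbcDecryptWithKey`, and the same in the other five functions. Whether `ForceZero` from misc.c is reachable from this new file is not visible on the page, so the helper to use needs confirming against the tree. A short header comment on each function stating that `out` must hold at least `inSz`/`sz` bytes and that the length is expected to be a whole number of cipher blocks would also help callers, since the signatures carry no output size.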


@@ -53,6 +53,7 @@
#include <wolfssl/wolfcrypt/hmac.h>
#include <wolfssl/wolfcrypt/dh.h>
#include <wolfssl/wolfcrypt/dsa.h>
#include <wolfssl/wolfcrypt/srp.h>
#include <wolfssl/wolfcrypt/hc128.h>
#include <wolfssl/wolfcrypt/rabbit.h>
#include <wolfssl/wolfcrypt/chacha.h>
@@ -125,8 +126,12 @@
#ifdef FREESCALE_MQX
#include <mqx.h>
#include <fio.h>
#include <stdlib.h>
#if MQX_USE_IO_OLD
#include <fio.h>
#else
#include <nio.h>
#endif
#else
#include <stdio.h>
#endif
@@ -179,6 +184,7 @@ int camellia_test(void);
int rsa_test(void);
int dh_test(void);
int dsa_test(void);
int srp_test(void);
int random_test(void);
int pwdbased_test(void);
int ripemd_test(void);
@@ -500,6 +506,13 @@ int wolfcrypt_test(void* args)
printf( "DSA test passed!\n");
#endif
#ifdef WOLFCRYPT_HAVE_SRP
if ( (ret = srp_test()) != 0)
return err_sys("SRP test failed!\n", ret);
else
printf( "SRP test passed!\n");
#endif
#ifndef NO_PWDBASED
if ( (ret = pwdbased_test()) != 0)
return err_sys("PWDBASED test failed!\n", ret);
@@ -3244,7 +3257,7 @@ int random_test(void)
int random_test(void)
{
RNG rng;
WC_RNG rng;
byte block[32];
int ret;
@@ -3272,7 +3285,7 @@ byte GetEntropy(ENTROPY_CMD cmd, byte* out);
byte GetEntropy(ENTROPY_CMD cmd, byte* out)
{
static RNG rng;
static WC_RNG rng;
if (cmd == INIT)
return (wc_InitRng(&rng) == 0) ? 1 : 0;
@@ -3344,7 +3357,7 @@ int rsa_test(void)
byte* tmp;
size_t bytes;
RsaKey key;
RNG rng;
WC_RNG rng;
word32 idx = 0;
int ret;
byte in[] = "Everyone gets Friday off.";
@@ -3478,19 +3491,25 @@ int rsa_test(void)
FILE* pemFile;
ret = wc_InitRsaKey(&genKey, 0);
if (ret != 0)
if (ret != 0) {
free(tmp);
return -300;
}
ret = wc_MakeRsaKey(&genKey, 1024, 65537, &rng);
if (ret != 0)
if (ret != 0) {
free(tmp);
return -301;
}
der = (byte*)malloc(FOURK_BUF);
if (der == NULL) {
free(tmp);
wc_FreeRsaKey(&genKey);
return -307;
}
pem = (byte*)malloc(FOURK_BUF);
if (pem == NULL) {
free(tmp);
free(der);
wc_FreeRsaKey(&genKey);
return -308;
@@ -3500,6 +3519,7 @@ int rsa_test(void)
if (derSz < 0) {
free(der);
free(pem);
free(tmp);
return -302;
}
@@ -3511,6 +3531,7 @@ int rsa_test(void)
if (!keyFile) {
free(der);
free(pem);
free(tmp);
wc_FreeRsaKey(&genKey);
return -303;
}
@@ -3519,6 +3540,7 @@ int rsa_test(void)
if (ret != derSz) {
free(der);
free(pem);
free(tmp);
wc_FreeRsaKey(&genKey);
return -313;
}
@@ -3527,6 +3549,7 @@ int rsa_test(void)
if (pemSz < 0) {
free(der);
free(pem);
free(tmp);
wc_FreeRsaKey(&genKey);
return -304;
}
@@ -3539,6 +3562,7 @@ int rsa_test(void)
if (!pemFile) {
free(der);
free(pem);
free(tmp);
wc_FreeRsaKey(&genKey);
return -305;
}
@@ -3547,6 +3571,7 @@ int rsa_test(void)
if (ret != pemSz) {
free(der);
free(pem);
free(tmp);
wc_FreeRsaKey(&genKey);
return -314;
}
@@ -3555,6 +3580,7 @@ int rsa_test(void)
if (ret != 0) {
free(der);
free(pem);
free(tmp);
wc_FreeRsaKey(&genKey);
return -3060;
}
@@ -3563,6 +3589,7 @@ int rsa_test(void)
if (ret != 0) {
free(der);
free(pem);
free(tmp);
wc_FreeRsaKey(&derIn);
wc_FreeRsaKey(&genKey);
return -306;
@@ -3590,10 +3617,13 @@ int rsa_test(void)
#endif
derCert = (byte*)malloc(FOURK_BUF);
if (derCert == NULL)
if (derCert == NULL) {
free(tmp);
return -309;
}
pem = (byte*)malloc(FOURK_BUF);
if (pem == NULL) {
free(tmp);
free(derCert);
return -310;
}
@@ -3614,6 +3644,7 @@ int rsa_test(void)
if (certSz < 0) {
free(derCert);
free(pem);
free(tmp);
return -401;
}
@@ -3623,6 +3654,7 @@ int rsa_test(void)
if (ret != 0) {
free(derCert);
free(pem);
free(tmp);
return -402;
}
FreeDecodedCert(&decode);
@@ -3636,6 +3668,7 @@ int rsa_test(void)
if (!derFile) {
free(derCert);
free(pem);
free(tmp);
return -403;
}
ret = (int)fwrite(derCert, 1, certSz, derFile);
@@ -3643,6 +3676,7 @@ int rsa_test(void)
if (ret != certSz) {
free(derCert);
free(pem);
free(tmp);
return -414;
}
@@ -3650,6 +3684,7 @@ int rsa_test(void)
if (pemSz < 0) {
free(derCert);
free(pem);
free(tmp);
return -404;
}
@@ -3661,6 +3696,7 @@ int rsa_test(void)
if (!pemFile) {
free(derCert);
free(pem);
free(tmp);
return -405;
}
ret = (int)fwrite(pem, 1, pemSz, pemFile);
@@ -3668,6 +3704,7 @@ int rsa_test(void)
if (ret != pemSz) {
free(derCert);
free(pem);
free(tmp);
return -406;
}
free(pem);
@@ -3691,11 +3728,14 @@ int rsa_test(void)
#endif
derCert = (byte*)malloc(FOURK_BUF);
if (derCert == NULL)
if (derCert == NULL) {
free(tmp);
return -311;
}
pem = (byte*)malloc(FOURK_BUF);
if (pem == NULL) {
free(derCert);
free(tmp);
return -312;
}
@@ -3704,6 +3744,7 @@ int rsa_test(void)
if (!file3) {
free(derCert);
free(pem);
free(tmp);
return -412;
}
@@ -3714,18 +3755,24 @@ int rsa_test(void)
if (ret != 0) {
free(derCert);
free(pem);
free(tmp);
return -411;
}
ret = wc_RsaPrivateKeyDecode(tmp, &idx3, &caKey, (word32)bytes3);
if (ret != 0) {
free(derCert);
free(pem);
free(tmp);
wc_FreeRsaKey(&caKey);
return -413;
}
wc_InitCert(&myCert);
#ifdef NO_SHA
myCert.sigType = CTC_SHA256wRSA;
#endif
strncpy(myCert.subject.country, "US", CTC_NAME_SIZE);
strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE);
strncpy(myCert.subject.locality, "Portland", CTC_NAME_SIZE);
@@ -3738,6 +3785,7 @@ int rsa_test(void)
if (ret < 0) {
free(derCert);
free(pem);
free(tmp);
wc_FreeRsaKey(&caKey);
return -405;
}
@@ -3746,6 +3794,7 @@ int rsa_test(void)
if (certSz < 0) {
free(derCert);
free(pem);
free(tmp);
wc_FreeRsaKey(&caKey);
return -407;
}
@@ -3755,6 +3804,7 @@ int rsa_test(void)
if (certSz < 0) {
free(derCert);
free(pem);
free(tmp);
wc_FreeRsaKey(&caKey);
return -408;
}
@@ -3766,6 +3816,7 @@ int rsa_test(void)
if (ret != 0) {
free(derCert);
free(pem);
free(tmp);
wc_FreeRsaKey(&caKey);
return -409;
}
@@ -3780,6 +3831,7 @@ int rsa_test(void)
if (!derFile) {
free(derCert);
free(pem);
free(tmp);
wc_FreeRsaKey(&caKey);
return -410;
}
@@ -3788,6 +3840,7 @@ int rsa_test(void)
if (ret != certSz) {
free(derCert);
free(pem);
free(tmp);
wc_FreeRsaKey(&caKey);
return -416;
}
@@ -3796,6 +3849,7 @@ int rsa_test(void)
if (pemSz < 0) {
free(derCert);
free(pem);
free(tmp);
wc_FreeRsaKey(&caKey);
return -411;
}
@@ -3808,6 +3862,7 @@ int rsa_test(void)
if (!pemFile) {
free(derCert);
free(pem);
free(tmp);
wc_FreeRsaKey(&caKey);
return -412;
}
@@ -3815,6 +3870,7 @@ int rsa_test(void)
if (ret != pemSz) {
free(derCert);
free(pem);
free(tmp);
wc_FreeRsaKey(&caKey);
return -415;
}
@@ -3842,11 +3898,14 @@ int rsa_test(void)
#endif
derCert = (byte*)malloc(FOURK_BUF);
if (derCert == NULL)
if (derCert == NULL) {
free(tmp);
return -5311;
}
pem = (byte*)malloc(FOURK_BUF);
if (pem == NULL) {
free(derCert);
free(tmp);
return -5312;
}
@@ -3855,6 +3914,7 @@ int rsa_test(void)
if (!file3) {
free(derCert);
free(pem);
free(tmp);
return -5412;
}
@@ -3866,6 +3926,7 @@ int rsa_test(void)
if (ret != 0) {
free(derCert);
free(pem);
free(tmp);
return -5413;
}
@@ -3885,6 +3946,7 @@ int rsa_test(void)
free(pem);
free(derCert);
wc_ecc_free(&caKey);
free(tmp);
return -5405;
}
@@ -3893,6 +3955,7 @@ int rsa_test(void)
free(pem);
free(derCert);
wc_ecc_free(&caKey);
free(tmp);
return -5407;
}
@@ -3902,6 +3965,7 @@ int rsa_test(void)
free(pem);
free(derCert);
wc_ecc_free(&caKey);
free(tmp);
return -5408;
}
@@ -3909,6 +3973,7 @@ int rsa_test(void)
InitDecodedCert(&decode, derCert, certSz, 0);
ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0);
if (ret != 0) {
free(tmp);
free(pem);
free(derCert);
wc_ecc_free(&caKey);
@@ -3926,6 +3991,7 @@ int rsa_test(void)
free(pem);
free(derCert);
wc_ecc_free(&caKey);
free(tmp);
return -5410;
}
ret = (int)fwrite(derCert, 1, certSz, derFile);
@@ -3934,6 +4000,7 @@ int rsa_test(void)
free(pem);
free(derCert);
wc_ecc_free(&caKey);
free(tmp);
return -5414;
}
@@ -3942,6 +4009,7 @@ int rsa_test(void)
free(pem);
free(derCert);
wc_ecc_free(&caKey);
free(tmp);
return -5411;
}
@@ -3954,6 +4022,7 @@ int rsa_test(void)
free(pem);
free(derCert);
wc_ecc_free(&caKey);
free(tmp);
return -5412;
}
ret = (int)fwrite(pem, 1, pemSz, pemFile);
@@ -3961,6 +4030,7 @@ int rsa_test(void)
free(pem);
free(derCert);
wc_ecc_free(&caKey);
free(tmp);
return -5415;
}
fclose(pemFile);
@@ -3986,11 +4056,14 @@ int rsa_test(void)
DecodedCert decode;
#endif
derCert = (byte*)malloc(FOURK_BUF);
if (derCert == NULL)
if (derCert == NULL) {
free(tmp);
return -311;
}
pem = (byte*)malloc(FOURK_BUF);
if (pem == NULL) {
free(derCert);
free(tmp);
return -312;
}
@@ -4007,6 +4080,7 @@ int rsa_test(void)
if (rc != DRBG_OK) {
free(derCert);
free(pem);
free(tmp);
return -448;
}
@@ -4016,6 +4090,7 @@ int rsa_test(void)
if (rc != NTRU_OK) {
free(derCert);
free(pem);
free(tmp);
return -449;
}
@@ -4025,6 +4100,7 @@ int rsa_test(void)
if (rc != NTRU_OK) {
free(derCert);
free(pem);
free(tmp);
return -450;
}
@@ -4033,6 +4109,7 @@ int rsa_test(void)
if (rc != NTRU_OK) {
free(derCert);
free(pem);
free(tmp);
return -451;
}
@@ -4041,6 +4118,7 @@ int rsa_test(void)
if (!caFile) {
free(derCert);
free(pem);
free(tmp);
return -452;
}
@@ -4051,12 +4129,14 @@ int rsa_test(void)
if (ret != 0) {
free(derCert);
free(pem);
free(tmp);
return -453;
}
ret = wc_RsaPrivateKeyDecode(tmp, &idx3, &caKey, (word32)bytes);
if (ret != 0) {
free(derCert);
free(pem);
free(tmp);
return -454;
}
@@ -4075,6 +4155,7 @@ int rsa_test(void)
free(derCert);
free(pem);
wc_FreeRsaKey(&caKey);
free(tmp);
return -455;
}
@@ -4084,6 +4165,7 @@ int rsa_test(void)
free(derCert);
free(pem);
wc_FreeRsaKey(&caKey);
free(tmp);
return -456;
}
@@ -4093,6 +4175,7 @@ int rsa_test(void)
if (certSz < 0) {
free(derCert);
free(pem);
free(tmp);
return -457;
}
@@ -4103,6 +4186,7 @@ int rsa_test(void)
if (ret != 0) {
free(derCert);
free(pem);
free(tmp);
return -458;
}
FreeDecodedCert(&decode);
@@ -4111,6 +4195,7 @@ int rsa_test(void)
if (!derFile) {
free(derCert);
free(pem);
free(tmp);
return -459;
}
ret = (int)fwrite(derCert, 1, certSz, derFile);
@@ -4118,6 +4203,7 @@ int rsa_test(void)
if (ret != certSz) {
free(derCert);
free(pem);
free(tmp);
return -473;
}
@@ -4125,6 +4211,7 @@ int rsa_test(void)
if (pemSz < 0) {
free(derCert);
free(pem);
free(tmp);
return -460;
}
@@ -4132,6 +4219,7 @@ int rsa_test(void)
if (!pemFile) {
free(derCert);
free(pem);
free(tmp);
return -461;
}
ret = (int)fwrite(pem, 1, pemSz, pemFile);
@@ -4139,6 +4227,7 @@ int rsa_test(void)
if (ret != pemSz) {
free(derCert);
free(pem);
free(tmp);
return -474;
}
@@ -4146,6 +4235,7 @@ int rsa_test(void)
if (!ntruPrivFile) {
free(derCert);
free(pem);
free(tmp);
return -462;
}
ret = (int)fwrite(private_key, 1, private_key_len, ntruPrivFile);
@@ -4153,6 +4243,7 @@ int rsa_test(void)
if (ret != private_key_len) {
free(pem);
free(derCert);
free(tmp);
return -475;
}
free(pem);
@@ -4169,11 +4260,14 @@ int rsa_test(void)
FILE* reqFile;
der = (byte*)malloc(FOURK_BUF);
if (der == NULL)
if (der == NULL) {
free(tmp);
return -463;
}
pem = (byte*)malloc(FOURK_BUF);
if (pem == NULL) {
free(der);
free(tmp);
return -464;
}
@@ -4195,6 +4289,7 @@ int rsa_test(void)
if (derSz < 0) {
free(pem);
free(der);
free(tmp);
return -465;
}
@@ -4203,6 +4298,7 @@ int rsa_test(void)
if (derSz < 0) {
free(pem);
free(der);
free(tmp);
return -466;
}
@@ -4210,6 +4306,7 @@ int rsa_test(void)
if (pemSz < 0) {
free(pem);
free(der);
free(tmp);
return -467;
}
@@ -4221,6 +4318,7 @@ int rsa_test(void)
if (!reqFile) {
free(pem);
free(der);
free(tmp);
return -468;
}
@@ -4229,6 +4327,7 @@ int rsa_test(void)
if (ret != derSz) {
free(pem);
free(der);
free(tmp);
return -471;
}
@@ -4240,6 +4339,7 @@ int rsa_test(void)
if (!reqFile) {
free(pem);
free(der);
free(tmp);
return -469;
}
ret = (int)fwrite(pem, 1, pemSz, reqFile);
@@ -4247,6 +4347,7 @@ int rsa_test(void)
if (ret != pemSz) {
free(pem);
free(der);
free(tmp);
return -470;
}
@@ -4295,7 +4396,7 @@ int dh_test(void)
byte agree2[256];
DhKey key;
DhKey key2;
RNG rng;
WC_RNG rng;
#ifdef USE_CERT_BUFFERS_1024
XMEMCPY(tmp, dh_key_der_1024, sizeof_dh_key_der_1024);
@@ -4384,7 +4485,7 @@ int dsa_test(void)
word32 idx = 0;
byte tmp[1024];
DsaKey key;
RNG rng;
WC_RNG rng;
Sha sha;
byte hash[SHA_DIGEST_SIZE];
byte signature[40];
@@ -4537,6 +4638,101 @@ int dsa_test(void)
#endif /* NO_DSA */
#ifdef WOLFCRYPT_HAVE_SRP
int srp_test(void)
{
Srp cli, srv;
int r;
byte clientPubKey[80]; /* A */
byte serverPubKey[80]; /* B */
word32 clientPubKeySz = 80;
word32 serverPubKeySz = 80;
byte clientProof[SRP_MAX_DIGEST_SIZE]; /* M1 */
byte serverProof[SRP_MAX_DIGEST_SIZE]; /* M2 */
word32 clientProofSz = SRP_MAX_DIGEST_SIZE;
word32 serverProofSz = SRP_MAX_DIGEST_SIZE;
byte username[] = "user";
word32 usernameSz = 4;
byte password[] = "password";
word32 passwordSz = 8;
byte N[] = {
0xC9, 0x4D, 0x67, 0xEB, 0x5B, 0x1A, 0x23, 0x46, 0xE8, 0xAB, 0x42, 0x2F,
0xC6, 0xA0, 0xED, 0xAE, 0xDA, 0x8C, 0x7F, 0x89, 0x4C, 0x9E, 0xEE, 0xC4,
0x2F, 0x9E, 0xD2, 0x50, 0xFD, 0x7F, 0x00, 0x46, 0xE5, 0xAF, 0x2C, 0xF7,
0x3D, 0x6B, 0x2F, 0xA2, 0x6B, 0xB0, 0x80, 0x33, 0xDA, 0x4D, 0xE3, 0x22,
0xE1, 0x44, 0xE7, 0xA8, 0xE9, 0xB1, 0x2A, 0x0E, 0x46, 0x37, 0xF6, 0x37,
0x1F, 0x34, 0xA2, 0x07, 0x1C, 0x4B, 0x38, 0x36, 0xCB, 0xEE, 0xAB, 0x15,
0x03, 0x44, 0x60, 0xFA, 0xA7, 0xAD, 0xF4, 0x83
};
byte g[] = {
0x02
};
byte salt[] = {
0xB2, 0xE5, 0x8E, 0xCC, 0xD0, 0xCF, 0x9D, 0x10, 0x3A, 0x56
};
byte verifier[] = {
0x7C, 0xAB, 0x17, 0xFE, 0x54, 0x3E, 0x8C, 0x13, 0xF2, 0x3D, 0x21, 0xE7,
0xD2, 0xAF, 0xAF, 0xDB, 0xA1, 0x52, 0x69, 0x9D, 0x49, 0x01, 0x79, 0x91,
0xCF, 0xD1, 0x3F, 0xE5, 0x28, 0x72, 0xCA, 0xBE, 0x13, 0xD1, 0xC2, 0xDA,
0x65, 0x34, 0x55, 0x8F, 0x34, 0x0E, 0x05, 0xB8, 0xB4, 0x0F, 0x7F, 0x6B,
0xBB, 0xB0, 0x6B, 0x50, 0xD8, 0xB1, 0xCC, 0xB7, 0x81, 0xFE, 0xD4, 0x42,
0xF5, 0x11, 0xBC, 0x8A, 0x28, 0xEB, 0x50, 0xB3, 0x46, 0x08, 0xBA, 0x24,
0xA2, 0xFB, 0x7F, 0x2E, 0x0A, 0xA5, 0x33, 0xCC
};
/* client knows username and password. */
/* server knows N, g, salt and verifier. */
r = wc_SrpInit(&cli, SRP_TYPE_SHA, SRP_CLIENT_SIDE);
if (!r) r = wc_SrpSetUsername(&cli, username, usernameSz);
/* client sends username to server */
if (!r) r = wc_SrpInit(&srv, SRP_TYPE_SHA, SRP_SERVER_SIDE);
if (!r) r = wc_SrpSetUsername(&srv, username, usernameSz);
if (!r) r = wc_SrpSetParams(&srv, N, sizeof(N),
g, sizeof(g),
salt, sizeof(salt));
if (!r) r = wc_SrpSetVerifier(&srv, verifier, sizeof(verifier));
if (!r) r = wc_SrpGetPublic(&srv, serverPubKey, &serverPubKeySz);
/* server sends N, g, salt and B to client */
if (!r) r = wc_SrpSetParams(&cli, N, sizeof(N),
g, sizeof(g),
salt, sizeof(salt));
if (!r) r = wc_SrpSetPassword(&cli, password, passwordSz);
if (!r) r = wc_SrpGetPublic(&cli, clientPubKey, &clientPubKeySz);
if (!r) r = wc_SrpComputeKey(&cli, clientPubKey, clientPubKeySz,
serverPubKey, serverPubKeySz);
if (!r) r = wc_SrpGetProof(&cli, clientProof, &clientProofSz);
/* client sends A and M1 to server */
if (!r) r = wc_SrpComputeKey(&srv, clientPubKey, clientPubKeySz,
serverPubKey, serverPubKeySz);
if (!r) r = wc_SrpVerifyPeersProof(&srv, clientProof, clientProofSz);
if (!r) r = wc_SrpGetProof(&srv, serverProof, &serverProofSz);
/* server sends M2 to client */
if (!r) r = wc_SrpVerifyPeersProof(&cli, serverProof, serverProofSz);
wc_SrpTerm(&cli);
wc_SrpTerm(&srv);
return r;
}
#endif /* WOLFCRYPT_HAVE_SRP */
#ifdef OPENSSL_EXTRA
@@ -5000,7 +5196,7 @@ typedef struct rawEccVector {
int ecc_test(void)
{
RNG rng;
WC_RNG rng;
byte sharedA[1024];
byte sharedB[1024];
byte sig[1024];
@@ -5256,7 +5452,7 @@ int ecc_test(void)
int ecc_encrypt_test(void)
{
RNG rng;
WC_RNG rng;
int ret;
ecc_key userA, userB;
byte msg[48];
@@ -5391,7 +5587,7 @@ int ecc_encrypt_test(void)
int curve25519_test(void)
{
RNG rng;
WC_RNG rng;
byte sharedA[32];
byte sharedB[32];
byte exportBuf[32];
@@ -5554,7 +5750,7 @@ int curve25519_test(void)
#ifdef HAVE_ED25519
int ed25519_test(void)
{
RNG rng;
WC_RNG rng;
byte out[ED25519_SIG_SIZE];
byte exportPKey[ED25519_KEY_SIZE];
byte exportSKey[ED25519_KEY_SIZE];
@@ -6205,7 +6401,7 @@ int pkcs7signed_test(void)
char data[] = "Hello World";
word32 dataSz, outSz, certDerSz, keyDerSz;
PKCS7 msg;
RNG rng;
WC_RNG rng;
byte transIdOid[] =
{ 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01,
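Review bot: Two rsa_test error paths in the key-generation hunks still skip `wc_FreeRsaKey(&genKey)`: the `return -301;` branch after `wc_MakeRsaKey` and the `return -302;` branch after the `derSz < 0` check now free `tmp` (and `der`/`pem`) but not the key, while the neighbouring `-307`, `-308` and `-303` branches do release it. Adding `wc_FreeRsaKey(&genKey);` before those two returns makes the cleanup consistent, and it matters slightly more than an ordinary leak because `genKey` holds freshly generated private-key material. With this many hand-copied cleanup blocks, a single exit label reached by `goto` would be less error-prone, though that is a larger change than this commit makes. The body of rsa_test begins and ends outside these hunks, so what has been acquired before each branch is partly inferred.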


@@ -291,6 +291,10 @@
RelativePath=".\src\tls.c"
>
</File>
<File
RelativePath="wolfcrypt\src\wc_encrypt.c"
>
</File>
</Filter>
<Filter
Name="Header Files"


@@ -308,6 +308,7 @@
<ClCompile Include="wolfcrypt\src\sha.c" />
<ClCompile Include="wolfcrypt\src\sha256.c" />
<ClCompile Include="wolfcrypt\src\sha512.c" />
<ClCompile Include="wolfcrypt\src\wc_encrypt.c" />
<ClCompile Include="src\ssl.c" />
<ClCompile Include="src\tls.c" />
</ItemGroup>


@@ -331,7 +331,9 @@ typedef byte word24[3];
#endif
#if !defined(NO_HC128) && !defined(NO_RSA) && !defined(NO_TLS)
#ifndef NO_MD5
#define BUILD_TLS_RSA_WITH_HC_128_MD5
#endif
#if !defined(NO_SHA)
#define BUILD_TLS_RSA_WITH_HC_128_SHA
#endif
@@ -366,13 +368,17 @@ typedef byte word24[3];
#if !defined(NO_DH) && !defined(NO_PSK) && !defined(NO_TLS)
#ifndef NO_SHA256
#ifndef NO_AES
#define BUILD_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
#endif
#ifdef HAVE_NULL_CIPHER
#define BUILD_TLS_DHE_PSK_WITH_NULL_SHA256
#endif
#endif
#ifdef WOLFSSL_SHA384
#ifndef NO_AES
#define BUILD_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
#endif
#ifdef HAVE_NULL_CIPHER
#define BUILD_TLS_DHE_PSK_WITH_NULL_SHA384
#endif
@@ -385,69 +391,97 @@ typedef byte word24[3];
#if !defined(NO_RSA)
#define BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
#define BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
#if defined(WOLFSSL_STATIC_DH)
#define BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
#define BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
#endif
#endif
#define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
#define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
#if defined(WOLFSSL_STATIC_DH)
#define BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
#define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
#endif
#endif /* NO_SHA */
#ifndef NO_SHA256
#if !defined(NO_RSA)
#define BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
#if defined(WOLFSSL_STATIC_DH)
#define BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
#endif
#endif
#define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
#if defined(WOLFSSL_STATIC_DH)
#define BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
#endif
#endif
#ifdef WOLFSSL_SHA384
#if !defined(NO_RSA)
#define BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
#if defined(WOLFSSL_STATIC_DH)
#define BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
#endif
#endif
#define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
#if defined(WOLFSSL_STATIC_DH)
#define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
#endif
#endif
#if defined (HAVE_AESGCM)
#if !defined(NO_RSA)
#if defined(WOLFSSL_STATIC_DH)
#define BUILD_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
#endif
#if defined(WOLFSSL_SHA384)
#if defined(WOLFSSL_STATIC_DH)
#define BUILD_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
#endif
#endif
#endif
#if defined(WOLFSSL_STATIC_DH)
#define BUILD_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
#endif
#if defined(WOLFSSL_SHA384)
#if defined(WOLFSSL_STATIC_DH)
#define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
#endif
#endif
#endif
#endif /* NO_AES */
#if !defined(NO_RC4)
#if !defined(NO_SHA)
#if !defined(NO_RSA)
#define BUILD_TLS_ECDHE_RSA_WITH_RC4_128_SHA
#if defined(WOLFSSL_STATIC_DH)
#define BUILD_TLS_ECDH_RSA_WITH_RC4_128_SHA
#endif
#endif
#define BUILD_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
#if defined(WOLFSSL_STATIC_DH)
#define BUILD_TLS_ECDH_ECDSA_WITH_RC4_128_SHA
#endif
#endif
#endif
#if !defined(NO_DES3)
#ifndef NO_SHA
#if !defined(NO_RSA)
#define BUILD_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
#if defined(WOLFSSL_STATIC_DH)
#define BUILD_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
#endif
#endif
#define BUILD_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
#if defined(WOLFSSL_STATIC_DH)
#define BUILD_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
#endif
#endif /* NO_SHA */
#endif
#endif
@@ -2215,7 +2249,7 @@ struct WOLFSSL {
HS_Hashes* hsHashes;
void* IOCB_ReadCtx;
void* IOCB_WriteCtx;
RNG* rng;
WC_RNG* rng;
void* verifyCbCtx; /* cert verify callback user ctx*/
VerifyCallback verifyCallback; /* cert verification callback */
void* heap; /* for user overrides */


@@ -107,6 +107,7 @@
#define CLIENT_HELLO_LATE_KEY_STR 72
#define GOT_CERT_STATUS_STR 73
#define RSA_KEY_MISSING_STR 74
#define NO_SECURE_RENEGOTIATION 75
/* !!!! also add to msgTable in sniffer.c and .rc file !!!! */


@@ -89,5 +89,6 @@ STRINGTABLE
72, "Late Key Load Error"
73, "Got Certificate Status msg"
74, "RSA Key Missing Error"
75, "Secure Renegotiation Not Supported"
}


@@ -32,7 +32,11 @@
#ifndef NO_FILESYSTEM
#ifdef FREESCALE_MQX
#if MQX_USE_IO_OLD
#include <fio.h>
#else
#include <nio.h>
#endif
#else
#include <stdio.h> /* ERR_printf */
#endif


@@ -1520,6 +1520,8 @@ static INLINE int myDecryptVerifyCb(WOLFSSL* ssl,
/* decrypt */
ret = wc_AesCbcDecrypt(&decCtx->aes, decOut, decIn, decSz);
if (ret != 0)
return ret;
if (wolfSSL_GetCipherType(ssl) == WOLFSSL_AEAD_TYPE) {
*padSz = wolfSSL_GetAeadMacSize(ssl);
@@ -1606,7 +1608,7 @@ static INLINE void FreeAtomicUser(WOLFSSL* ssl)
static INLINE int myEccSign(WOLFSSL* ssl, const byte* in, word32 inSz,
byte* out, word32* outSz, const byte* key, word32 keySz, void* ctx)
{
RNG rng;
WC_RNG rng;
int ret;
word32 idx = 0;
ecc_key myKey;
@@ -1657,7 +1659,7 @@ static INLINE int myEccVerify(WOLFSSL* ssl, const byte* sig, word32 sigSz,
static INLINE int myRsaSign(WOLFSSL* ssl, const byte* in, word32 inSz,
byte* out, word32* outSz, const byte* key, word32 keySz, void* ctx)
{
RNG rng;
WC_RNG rng;
int ret;
word32 idx = 0;
RsaKey myKey;
@@ -1715,7 +1717,7 @@ static INLINE int myRsaEnc(WOLFSSL* ssl, const byte* in, word32 inSz,
int ret;
word32 idx = 0;
RsaKey myKey;
RNG rng;
WC_RNG rng;
(void)ssl;
(void)ctx;
@@ -1820,7 +1822,7 @@ static INLINE const char* mymktemp(char *tempfn, int len, int num)
int x, size;
static const char alphanum[] = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ"
"abcdefghijklmnopqrstuvwxyz";
RNG rng;
WC_RNG rng;
byte out;
if (tempfn == NULL || len < 1 || num < 1 || len <= num) {
@@ -1862,7 +1864,7 @@ static INLINE const char* mymktemp(char *tempfn, int len, int num)
} key_ctx;
static key_ctx myKey_ctx;
static RNG rng;
static WC_RNG rng;
static INLINE int TicketInit(void)
{


@@ -26,8 +26,8 @@
extern "C" {
#endif
#define LIBWOLFSSL_VERSION_STRING "3.6.2"
#define LIBWOLFSSL_VERSION_HEX 0x03006002
#define LIBWOLFSSL_VERSION_STRING "3.6.3"
#define LIBWOLFSSL_VERSION_HEX 0x03006003
#ifdef __cplusplus
}


@@ -133,12 +133,6 @@ WOLFSSL_API int wc_AesCbcEncrypt(Aes* aes, byte* out,
const byte* in, word32 sz);
WOLFSSL_API int wc_AesCbcDecrypt(Aes* aes, byte* out,
const byte* in, word32 sz);
WOLFSSL_API int wc_AesCbcEncryptWithKey(byte* out, const byte* in, word32 inSz,
const byte* key, word32 keySz,
const byte* iv);
WOLFSSL_API int wc_AesCbcDecryptWithKey(byte* out, const byte* in, word32 inSz,
const byte* key, word32 keySz,
const byte* iv);
/* AES-CTR */
#ifdef WOLFSSL_AES_COUNTER


@@ -149,15 +149,15 @@ typedef struct Cert {
*/
WOLFSSL_API void wc_InitCert(Cert*);
WOLFSSL_API int wc_MakeCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*,
ecc_key*, RNG*);
ecc_key*, WC_RNG*);
#ifdef WOLFSSL_CERT_REQ
WOLFSSL_API int wc_MakeCertReq(Cert*, byte* derBuffer, word32 derSz,
RsaKey*, ecc_key*);
#endif
WOLFSSL_API int wc_SignCert(int requestSz, int sigType, byte* derBuffer,
word32 derSz, RsaKey*, ecc_key*, RNG*);
word32 derSz, RsaKey*, ecc_key*, WC_RNG*);
WOLFSSL_API int wc_MakeSelfCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*,
RNG*);
WC_RNG*);
WOLFSSL_API int wc_SetIssuer(Cert*, const char*);
WOLFSSL_API int wc_SetSubject(Cert*, const char*);
#ifdef WOLFSSL_ALT_NAMES
@@ -170,7 +170,8 @@ WOLFSSL_API int wc_SetDatesBuffer(Cert*, const byte*, int);
#ifdef HAVE_NTRU
WOLFSSL_API int wc_MakeNtruCert(Cert*, byte* derBuffer, word32 derSz,
const byte* ntruKey, word16 keySz, RNG*);
const byte* ntruKey, word16 keySz,
WC_RNG*);
#endif
#endif /* WOLFSSL_CERT_GEN */


@@ -65,7 +65,7 @@ enum {
};
WOLFSSL_API
int wc_curve25519_make_key(RNG* rng, int keysize, curve25519_key* key);
int wc_curve25519_make_key(WC_RNG* rng, int keysize, curve25519_key* key);
WOLFSSL_API
int wc_curve25519_shared_secret(curve25519_key* private_key,


@@ -92,12 +92,6 @@ WOLFSSL_API int wc_Des_CbcDecrypt(Des* des, byte* out,
const byte* in, word32 sz);
WOLFSSL_API int wc_Des_EcbEncrypt(Des* des, byte* out,
const byte* in, word32 sz);
WOLFSSL_API int wc_Des_CbcDecryptWithKey(byte* out,
const byte* in, word32 sz,
const byte* key, const byte* iv);
WOLFSSL_API int wc_Des_CbcEncryptWithKey(byte* out,
const byte* in, word32 sz,
const byte* key, const byte* iv);
WOLFSSL_API int wc_Des3_SetKey(Des3* des, const byte* key,
const byte* iv,int dir);
@@ -106,12 +100,6 @@ WOLFSSL_API int wc_Des3_CbcEncrypt(Des3* des, byte* out,
const byte* in,word32 sz);
WOLFSSL_API int wc_Des3_CbcDecrypt(Des3* des, byte* out,
const byte* in,word32 sz);
WOLFSSL_API int wc_Des3_CbcEncryptWithKey(byte* out,
const byte* in, word32 sz,
const byte* key, const byte* iv);
WOLFSSL_API int wc_Des3_CbcDecryptWithKey(byte* out,
const byte* in, word32 sz,
const byte* key, const byte* iv);
#ifdef HAVE_CAVIUM
WOLFSSL_API int wc_Des3_InitCavium(Des3*, int);


@@ -43,7 +43,7 @@ typedef struct DhKey {
WOLFSSL_API void wc_InitDhKey(DhKey* key);
WOLFSSL_API void wc_FreeDhKey(DhKey* key);
WOLFSSL_API int wc_DhGenerateKeyPair(DhKey* key, RNG* rng, byte* priv,
WOLFSSL_API int wc_DhGenerateKeyPair(DhKey* key, WC_RNG* rng, byte* priv,
word32* privSz, byte* pub, word32* pubSz);
WOLFSSL_API int wc_DhAgree(DhKey* key, byte* agree, word32* agreeSz,
const byte* priv, word32 privSz, const byte* otherPub,


@@ -57,7 +57,7 @@ typedef struct DsaKey {
WOLFSSL_API void wc_InitDsaKey(DsaKey* key);
WOLFSSL_API void wc_FreeDsaKey(DsaKey* key);
WOLFSSL_API int wc_DsaSign(const byte* digest, byte* out,
DsaKey* key, RNG* rng);
DsaKey* key, WC_RNG* rng);
WOLFSSL_API int wc_DsaVerify(const byte* digest, const byte* sig,
DsaKey* key, int* answer);
WOLFSSL_API int wc_DsaPublicKeyDecode(const byte* input, word32* inOutIdx,
@@ -67,8 +67,8 @@ WOLFSSL_API int wc_DsaPrivateKeyDecode(const byte* input, word32* inOutIdx,
WOLFSSL_API int wc_DsaKeyToDer(DsaKey* key, byte* output, word32 inLen);
#ifdef WOLFSSL_KEY_GEN
WOLFSSL_API int wc_MakeDsaKey(RNG *rng, DsaKey *dsa);
WOLFSSL_API int wc_MakeDsaParameters(RNG *rng, int modulus_size, DsaKey *dsa);
WOLFSSL_API int wc_MakeDsaKey(WC_RNG *rng, DsaKey *dsa);
WOLFSSL_API int wc_MakeDsaParameters(WC_RNG *rng, int modulus_size, DsaKey *dsa);
#endif
#ifdef __cplusplus


@@ -134,7 +134,7 @@ extern const ecc_set_type ecc_sets[];
WOLFSSL_API
int wc_ecc_make_key(RNG* rng, int keysize, ecc_key* key);
int wc_ecc_make_key(WC_RNG* rng, int keysize, ecc_key* key);
WOLFSSL_API
int wc_ecc_check_key(ecc_key* key);
WOLFSSL_API
@@ -145,9 +145,9 @@ int wc_ecc_shared_secret_ssh(ecc_key* private_key, ecc_point* point,
byte* out, word32 *outlen);
WOLFSSL_API
int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen,
RNG* rng, ecc_key* key);
WC_RNG* rng, ecc_key* key);
WOLFSSL_API
int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, RNG* rng,
int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, WC_RNG* rng,
ecc_key* key, mp_int *r, mp_int *s);
WOLFSSL_API
int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
@@ -248,11 +248,11 @@ enum ecFlags {
typedef struct ecEncCtx ecEncCtx;
WOLFSSL_API
ecEncCtx* wc_ecc_ctx_new(int flags, RNG* rng);
ecEncCtx* wc_ecc_ctx_new(int flags, WC_RNG* rng);
WOLFSSL_API
void wc_ecc_ctx_free(ecEncCtx*);
WOLFSSL_API
int wc_ecc_ctx_reset(ecEncCtx*, RNG*); /* reset for use again w/o alloc/free */
int wc_ecc_ctx_reset(ecEncCtx*, WC_RNG*); /* reset for use again w/o alloc/free */
WOLFSSL_API
const byte* wc_ecc_ctx_get_own_salt(ecEncCtx*);


@@ -61,7 +61,7 @@ typedef struct {
WOLFSSL_API
int wc_ed25519_make_key(RNG* rng, int keysize, ed25519_key* key);
int wc_ed25519_make_key(WC_RNG* rng, int keysize, ed25519_key* key);
WOLFSSL_API
int wc_ed25519_sign_msg(const byte* in, word32 inlen, byte* out,
word32 *outlen, ed25519_key* key);


@@ -151,6 +151,10 @@ enum {
ECC_INF_E = -215, /* ECC point infinity error */
ECC_PRIV_KEY_E = -216, /* ECC private key not valid error */
SRP_CALL_ORDER_E = -217, /* SRP function called in the wrong order. */
SRP_VERIFY_E = -218, /* SRP proof verification failed. */
SRP_BAD_KEY_E = -219, /* SRP bad ephemeral values. */
MIN_CODE_E = -300 /* errors -101 - -299 */
};
@@ -163,5 +167,3 @@ WOLFSSL_API const char* wc_GetErrorString(int error);
} /* extern "C" */
#endif
#endif /* WOLF_CRYPT_ERROR_H */


@@ -22,20 +22,35 @@
#ifndef WOLF_CRYPT_HASH_H
#define WOLF_CRYPT_HASH_H
#include <wolfssl/wolfcrypt/types.h>
#ifndef NO_MD5
#include <wolfssl/wolfcrypt/md5.h>
WOLFSSL_API void wc_Md5GetHash(Md5*, byte*);
WOLFSSL_API void wc_Md5RestorePos(Md5*, Md5*) ;
#endif
#ifndef NO_SHA
#include <wolfssl/wolfcrypt/sha.h>
WOLFSSL_API int wc_ShaGetHash(Sha*, byte*);
WOLFSSL_API void wc_ShaRestorePos(Sha*, Sha*) ;
WOLFSSL_API int wc_ShaHash(const byte*, word32, byte*);
#endif
#ifndef NO_SHA256
#include <wolfssl/wolfcrypt/sha256.h>
WOLFSSL_API int wc_Sha256GetHash(Sha256*, byte*);
WOLFSSL_API void wc_Sha256RestorePos(Sha256*, Sha256*) ;
WOLFSSL_API int wc_Sha256Hash(const byte*, word32, byte*);
#endif
#endif
#ifdef WOLFSSL_SHA512
#include <wolfssl/wolfcrypt/sha512.h>
WOLFSSL_API int wc_Sha512Hash(const byte*, word32, byte*);
#if defined(WOLFSSL_SHA384)
WOLFSSL_API int wc_Sha384Hash(const byte*, word32, byte*);
#endif /* defined(WOLFSSL_SHA384) */
#endif /* WOLFSSL_SHA512 */
#endif /* WOLF_CRYPT_HASH_H */
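Review bot: The one-shot prototypes added here (`wc_ShaHash`, `wc_Sha256Hash`, `wc_Sha512Hash`, `wc_Sha384Hash`) take an output pointer with no length and leave every parameter unnamed, so nothing in the header tells a caller how large the digest buffer must be. I would name the parameters and state the size, e.g. `WOLFSSL_API int wc_Sha256Hash(const byte* data, word32 len, byte* hash); /* hash: at least SHA256_DIGEST_SIZE bytes */`, and do the same for the other three. The same commit removes these declarations from sha.h, sha256.h and sha512.h, so code that includes only those headers now calls the functions without a prototype; a note in the header or changelog about including hash.h would help.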


@@ -29,6 +29,7 @@ nobase_include_HEADERS+= \
wolfssl/wolfcrypt/md5.h \
wolfssl/wolfcrypt/misc.h \
wolfssl/wolfcrypt/pkcs7.h \
wolfssl/wolfcrypt/wc_encrypt.h \
wolfssl/wolfcrypt/wc_port.h \
wolfssl/wolfcrypt/pwdbased.h \
wolfssl/wolfcrypt/rabbit.h \
@@ -45,6 +46,7 @@ nobase_include_HEADERS+= \
wolfssl/wolfcrypt/blake2-int.h \
wolfssl/wolfcrypt/blake2-impl.h \
wolfssl/wolfcrypt/tfm.h \
wolfssl/wolfcrypt/srp.h \
wolfssl/wolfcrypt/types.h \
wolfssl/wolfcrypt/visibility.h \
wolfssl/wolfcrypt/logging.h \
@@ -56,4 +58,3 @@ noinst_HEADERS+= \
wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h \
wolfssl/wolfcrypt/port/ti/ti-hash.h \
wolfssl/wolfcrypt/port/ti/ti-ccm.h


@@ -307,7 +307,7 @@ int mp_radix_size (mp_int * a, int radix, int *size);
#if defined(HAVE_ECC) || defined(WOLFSSL_KEY_GEN)
int mp_sqrmod(mp_int* a, mp_int* b, mp_int* c);
#endif
#ifdef HAVE_ECC
#if defined(HAVE_ECC) || defined(WOLFSSL_KEY_GEN)
int mp_read_radix(mp_int* a, const char* str, int radix);
#endif
@@ -315,7 +315,7 @@ int mp_radix_size (mp_int * a, int radix, int *size);
int mp_prime_is_prime (mp_int * a, int t, int *result);
int mp_gcd (mp_int * a, mp_int * b, mp_int * c);
int mp_lcm (mp_int * a, mp_int * b, mp_int * c);
int mp_rand_prime(mp_int* N, int len, RNG* rng, void* heap);
int mp_rand_prime(mp_int* N, int len, WC_RNG* rng, void* heap);
#endif
int mp_cnt_lsb(mp_int *a);


@@ -73,7 +73,7 @@ typedef struct PKCS7 {
word32 contentSz; /* content size */
int contentOID; /* PKCS#7 content type OID sum */
RNG* rng;
WC_RNG* rng;
int hashOID;
int encryptOID; /* key encryption algorithm OID */
@@ -100,7 +100,7 @@ WOLFSSL_LOCAL int wc_GetContentType(const byte* input, word32* inOutIdx,
word32* oid, word32 maxIdx);
WOLFSSL_LOCAL int wc_CreateRecipientInfo(const byte* cert, word32 certSz,
int keyEncAlgo, int blockKeySz,
RNG* rng, byte* contentKeyPlain,
WC_RNG* rng, byte* contentKeyPlain,
byte* contentKeyEnc,
int* keyEncSz, byte* out, word32 outSz);


@@ -51,9 +51,9 @@ WOLFSSL_API int wc_PKCS12_PBKDF(byte* output, const byte* passwd, int pLen,
int kLen, int typeH, int purpose);
/* helper functions */
WOLFSSL_LOCAL int GetDigestSize(int hashType);
WOLFSSL_LOCAL int GetPKCS12HashSizes(int hashType, word32* v, word32* u);
WOLFSSL_LOCAL int DoPKCS12Hash(int hashType, byte* buffer, word32 totalLen,
WOLFSSL_LOCAL int GetDigestSize(int typeH);
WOLFSSL_LOCAL int GetPKCS12HashSizes(int typeH, word32* v, word32* u);
WOLFSSL_LOCAL int DoPKCS12Hash(int typeH, byte* buffer, word32 totalLen,
byte* Ai, word32 u, int iterations);


@@ -84,11 +84,11 @@ struct DRBG; /* Private DRBG state */
/* Hash-based Deterministic Random Bit Generator */
typedef struct RNG {
typedef struct WC_RNG {
struct DRBG* drbg;
OS_Seed seed;
byte status;
} RNG;
} WC_RNG;
#else /* HAVE_HASHDRBG || NO_RC4 */
@@ -99,36 +99,42 @@ typedef struct RNG {
/* secure Random Number Generator */
typedef struct RNG {
typedef struct WC_RNG {
OS_Seed seed;
Arc4 cipher;
#ifdef HAVE_CAVIUM
int devId; /* nitrox device id */
word32 magic; /* using cavium magic */
#endif
} RNG;
} WC_RNG;
#endif /* HAVE_HASH_DRBG || NO_RC4 */
#endif /* HAVE_FIPS */
/* NO_OLD_RNGNAME removes RNG struct name to prevent possible type conflicts,
* can't be used with CTaoCrypt FIPS */
#if !defined(NO_OLD_RNGNAME) && !defined(HAVE_FIPS)
#define RNG WC_RNG
#endif
WOLFSSL_LOCAL
int wc_GenerateSeed(OS_Seed* os, byte* seed, word32 sz);
#if defined(HAVE_HASHDRBG) || defined(NO_RC4)
#ifdef HAVE_CAVIUM
WOLFSSL_API int wc_InitRngCavium(RNG*, int);
WOLFSSL_API int wc_InitRngCavium(WC_RNG*, int);
#endif
#endif /* HAVE_HASH_DRBG || NO_RC4 */
WOLFSSL_API int wc_InitRng(RNG*);
WOLFSSL_API int wc_RNG_GenerateBlock(RNG*, byte*, word32 sz);
WOLFSSL_API int wc_RNG_GenerateByte(RNG*, byte*);
WOLFSSL_API int wc_FreeRng(RNG*);
WOLFSSL_API int wc_InitRng(WC_RNG*);
WOLFSSL_API int wc_RNG_GenerateBlock(WC_RNG*, byte*, word32 sz);
WOLFSSL_API int wc_RNG_GenerateByte(WC_RNG*, byte*);
WOLFSSL_API int wc_FreeRng(WC_RNG*);
#if defined(HAVE_HASHDRBG) || defined(NO_RC4)
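Review bot: The compatibility macro `#define RNG WC_RNG` is active by default, so every translation unit that includes random.h still has the bare token `RNG` rewritten. The type conflict that `NO_OLD_RNGNAME` is meant to prevent therefore remains until an integrator opts in. The option is only mentioned in the comment above the macro; I would also list it with the other commented-out switches in settings.h, e.g. `/* Uncomment next line to drop the legacy RNG type name (not usable with CTaoCrypt FIPS) */` followed by `/* #define NO_OLD_RNGNAME */`. The struct definitions sit inside conditional blocks that begin outside these hunks.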


@@ -47,19 +47,6 @@
enum {
RSA_PUBLIC = 0,
RSA_PRIVATE = 1,
RSA_PUBLIC_ENCRYPT = 0,
RSA_PUBLIC_DECRYPT = 1,
RSA_PRIVATE_ENCRYPT = 2,
RSA_PRIVATE_DECRYPT = 3,
RSA_BLOCK_TYPE_1 = 1,
RSA_BLOCK_TYPE_2 = 2,
RSA_MIN_SIZE = 512,
RSA_MAX_SIZE = 4096,
RSA_MIN_PAD_SZ = 11 /* seperator + 0 + pad value + 8 pads */
};
@@ -90,13 +77,13 @@ WOLFSSL_API int wc_InitRsaKey(RsaKey* key, void*);
WOLFSSL_API int wc_FreeRsaKey(RsaKey* key);
WOLFSSL_API int wc_RsaPublicEncrypt(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key, RNG* rng);
word32 outLen, RsaKey* key, WC_RNG* rng);
WOLFSSL_API int wc_RsaPrivateDecryptInline(byte* in, word32 inLen, byte** out,
RsaKey* key);
WOLFSSL_API int wc_RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key);
WOLFSSL_API int wc_RsaSSL_Sign(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key, RNG* rng);
word32 outLen, RsaKey* key, WC_RNG* rng);
WOLFSSL_API int wc_RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out,
RsaKey* key);
WOLFSSL_API int wc_RsaSSL_Verify(const byte* in, word32 inLen, byte* out,
@@ -118,7 +105,7 @@ WOLFSSL_API int wc_RsaFlattenPublicKey(RsaKey*, byte*, word32*, byte*,
word32*);
#ifdef WOLFSSL_KEY_GEN
WOLFSSL_API int wc_MakeRsaKey(RsaKey* key, int size, long e, RNG* rng);
WOLFSSL_API int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng);
#endif
#ifdef HAVE_CAVIUM


@@ -111,6 +111,9 @@
/* Uncomment next line if building for VxWorks */
/* #define WOLFSSL_VXWORKS */
/* Uncomment next line to enable deprecated less secure static DH suites */
/* #define WOLFSSL_STATIC_DH */
#include <wolfssl/wolfcrypt/visibility.h>
#ifdef WOLFSSL_USER_SETTINGS
@@ -118,6 +121,12 @@
#endif
/* make sure old RNG name is used with CTaoCrypt FIPS */
#ifdef HAVE_FIPS
#define WC_RNG RNG
#endif
#ifdef IPHONE
#define SIZEOF_LONG_LONG 8
#endif
@@ -178,6 +187,7 @@
#define USE_FAST_MATH
#define TFM_TIMING_RESISTANT
#define NEED_AES_TABLES
#define WOLFSSL_HAVE_MIN
#endif
#ifdef WOLFSSL_MICROCHIP_PIC32MZ
@@ -307,6 +317,10 @@
#ifdef FREERTOS
#include "FreeRTOS.h"
/* FreeRTOS pvPortRealloc() only in AVR32_UC3 port */
#define XMALLOC(s, h, type) pvPortMalloc((s))
#define XFREE(p, h, type) vPortFree((p))
#ifndef NO_WRITEV
#define NO_WRITEV
#endif
@@ -328,7 +342,6 @@
#endif
#ifndef SINGLE_THREADED
#include "FreeRTOS.h"
#include "semphr.h"
#endif
#endif
@@ -454,7 +467,11 @@
#include "mqx.h"
#ifndef NO_FILESYSTEM
#include "mfs.h"
#if MQX_USE_IO_OLD
#include "fio.h"
#else
#include "nio.h"
#endif
#endif
#ifndef SINGLE_THREADED
#include "mutex.h"
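Review bot: The FreeRTOS block defines `XMALLOC` and `XFREE` but no `XREALLOC`, and the types.h hunk in this commit excludes `FREERTOS` from the default allocator macros, so from the visible lines nothing defines `XREALLOC` for a FreeRTOS build. Any code path that grows a buffer through `XREALLOC` would then fail to build, or on older compilers call an undeclared function. The added comment mentions pvPortRealloc() but not the consequence; I would spell it out, e.g. `/* no XREALLOC on FreeRTOS: pvPortRealloc() exists only in the AVR32_UC3 port, so features that need realloc must be disabled */`. The two macros are also defined without an `#ifndef XMALLOC` guard, which may clash with a user-supplied allocator.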


@@ -76,7 +76,6 @@ typedef struct Sha {
WOLFSSL_API int wc_InitSha(Sha*);
WOLFSSL_API int wc_ShaUpdate(Sha*, const byte*, word32);
WOLFSSL_API int wc_ShaFinal(Sha*, byte*);
WOLFSSL_API int wc_ShaHash(const byte*, word32, byte*);
#ifdef __cplusplus
} /* extern "C" */


@@ -74,7 +74,6 @@ typedef struct Sha256 {
WOLFSSL_API int wc_InitSha256(Sha256*);
WOLFSSL_API int wc_Sha256Update(Sha256*, const byte*, word32);
WOLFSSL_API int wc_Sha256Final(Sha256*, byte*);
WOLFSSL_API int wc_Sha256Hash(const byte*, word32, byte*);
#ifdef __cplusplus
} /* extern "C" */


@@ -64,7 +64,6 @@ typedef struct Sha512 {
WOLFSSL_API int wc_InitSha512(Sha512*);
WOLFSSL_API int wc_Sha512Update(Sha512*, const byte*, word32);
WOLFSSL_API int wc_Sha512Final(Sha512*, byte*);
WOLFSSL_API int wc_Sha512Hash(const byte*, word32, byte*);
#if defined(WOLFSSL_SHA384)
@@ -91,7 +90,6 @@ typedef struct Sha384 {
WOLFSSL_API int wc_InitSha384(Sha384*);
WOLFSSL_API int wc_Sha384Update(Sha384*, const byte*, word32);
WOLFSSL_API int wc_Sha384Final(Sha384*, byte*);
WOLFSSL_API int wc_Sha384Hash(const byte*, word32, byte*);
#endif /* WOLFSSL_SHA384 */

308
wolfssl/wolfcrypt/srp.h Normal file

@@ -0,0 +1,308 @@
/* srp.h
*
* Copyright (C) 2006-2015 wolfSSL Inc.
*
* This file is part of wolfSSL. (formerly known as CyaSSL)
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifdef WOLFCRYPT_HAVE_SRP
#ifndef WOLFCRYPT_SRP_H
#define WOLFCRYPT_SRP_H
#include <wolfssl/wolfcrypt/types.h>
#include <wolfssl/wolfcrypt/sha.h>
#include <wolfssl/wolfcrypt/sha256.h>
#include <wolfssl/wolfcrypt/sha512.h>
#include <wolfssl/wolfcrypt/integer.h>
#ifdef __cplusplus
extern "C" {
#endif
/* Select the largest available hash for the buffer size. */
#if defined(WOLFSSL_SHA512)
#define SRP_MAX_DIGEST_SIZE SHA512_DIGEST_SIZE
#elif defined(WOLFSSL_SHA384)
#define SRP_MAX_DIGEST_SIZE SHA384_DIGEST_SIZE
#elif !defined(NO_SHA256)
#define SRP_MAX_DIGEST_SIZE SHA256_DIGEST_SIZE
#elif !defined(NO_SHA)
#define SRP_MAX_DIGEST_SIZE SHA_DIGEST_SIZE
#else
#error "You have to have some kind of SHA hash if you want to use SRP."
#endif
/* Set the minimum number of bits acceptable in an SRP modulus */
#define SRP_DEFAULT_MIN_BITS 512
/**
* SRP side, client or server.
*/
typedef enum {
SRP_CLIENT_SIDE = 0,
SRP_SERVER_SIDE = 1,
} SrpSide;
/**
* SRP hash type, SHA[1|256|384|512].
*/
typedef enum {
#ifndef NO_SHA
SRP_TYPE_SHA = 1,
#endif
#ifndef NO_SHA256
SRP_TYPE_SHA256 = 2,
#endif
#ifdef WOLFSSL_SHA384
SRP_TYPE_SHA384 = 3,
#endif
#ifdef WOLFSSL_SHA512
SRP_TYPE_SHA512 = 4,
#endif
} SrpType;
/**
* SRP hash struct.
*/
typedef struct {
byte type;
union {
#ifndef NO_SHA
Sha sha;
#endif
#ifndef NO_SHA256
Sha256 sha256;
#endif
#ifdef WOLFSSL_SHA384
Sha384 sha384;
#endif
#ifdef WOLFSSL_SHA512
Sha512 sha512;
#endif
} data;
} SrpHash;
typedef struct Srp {
SrpSide side; /**< Client or Server, @see SrpSide. */
SrpType type; /**< Hash type, @see SrpType. */
byte* user; /**< Username, login. */
word32 userSz; /**< Username length. */
byte* salt; /**< Small salt. */
word32 saltSz; /**< Salt length. */
mp_int N; /**< Modulus. N = 2q+1, [q, N] are primes.*/
mp_int g; /**< Generator. A generator modulo N. */
byte k[SRP_MAX_DIGEST_SIZE]; /**< Multiplier parameeter. k = H(N, g) */
mp_int auth; /**< Client: x = H(salt + H(user:pswd)) */
/**< Server: v = g ^ x % N */
mp_int priv; /**< Private ephemeral value. */
SrpHash client_proof; /**< Client proof. Sent to the Server. */
SrpHash server_proof; /**< Server proof. Sent to the Client. */
byte* key; /**< Session key. */
word32 keySz; /**< Session key length. */
int (*keyGenFunc_cb) (struct Srp* srp, byte* secret, word32 size);
/**< Function responsible for generating the session key. */
/**< It MUST use XMALLOC with type DYNAMIC_TYPE_SRP to allocate the */
/**< key buffer for this structure and set keySz to the buffer size. */
/**< The default function used by this implementation is a modified */
/**< version of t_mgf1 that uses the proper hash function according */
/**< to srp->type. */
} Srp;
/**
* Initializes the Srp struct for usage.
*
* @param[out] srp the Srp structure to be initialized.
* @param[in] type the hash type to be used.
* @param[in] side the side of the communication.
*
* @return 0 on success, {@literal <} 0 on error. @see error-crypt.h
*/
WOLFSSL_API int wc_SrpInit(Srp* srp, SrpType type, SrpSide side);
/**
* Releases the Srp struct resources after usage.
*
* @param[in,out] srp the Srp structure to be terminated.
*/
WOLFSSL_API void wc_SrpTerm(Srp* srp);
/**
* Sets the username.
*
* This function MUST be called after wc_SrpInit.
*
* @param[in,out] srp the Srp structure.
* @param[in] username the buffer containing the username.
* @param[in] size the username size in bytes
*
* @return 0 on success, {@literal <} 0 on error. @see error-crypt.h
*/
WOLFSSL_API int wc_SrpSetUsername(Srp* srp, const byte* username, word32 size);
/**
* Sets the srp parameeters based on the username.
*
* This function MUST be called after wc_SrpSetUsername.
*
* @param[in,out] srp the Srp structure.
* @param[in] N the Modulus. N = 2q+1, [q, N] are primes.
* @param[in] nSz the N size in bytes.
* @param[in] g the Generator modulo N.
* @param[in] gSz the g size in bytes
* @param[in] salt a small random salt. Specific for each username.
* @param[in] saltSz the salt size in bytes
*
* @return 0 on success, {@literal <} 0 on error. @see error-crypt.h
*/
WOLFSSL_API int wc_SrpSetParams(Srp* srp, const byte* N, word32 nSz,
const byte* g, word32 gSz,
const byte* salt, word32 saltSz);
/**
* Sets the password.
*
* Setting the password does not persists the clear password data in the
* srp structure. The client calculates x = H(salt + H(user:pswd)) and stores
* it in the auth field.
*
* This function MUST be called after wc_SrpSetParams and is CLIENT SIDE ONLY.
*
* @param[in,out] srp the Srp structure.
* @param[in] password the buffer containing the password.
* @param[in] size the password size in bytes.
*
* @return 0 on success, {@literal <} 0 on error. @see error-crypt.h
*/
WOLFSSL_API int wc_SrpSetPassword(Srp* srp, const byte* password, word32 size);
/**
* Sets the password.
*
* This function MUST be called after wc_SrpSetParams and is SERVER SIDE ONLY.
*
* @param[in,out] srp the Srp structure.
* @param[in] verifier the buffer containing the verifier.
* @param[in] size the verifier size in bytes.
*
* @return 0 on success, {@literal <} 0 on error. @see error-crypt.h
*/
WOLFSSL_API int wc_SrpSetVerifier(Srp* srp, const byte* verifier, word32 size);
/**
* Gets the verifier.
*
* The client calculates the verifier with v = g ^ x % N.
* This function MAY be called after wc_SrpSetPassword and is SERVER SIDE ONLY.
*
* @param[in,out] srp the Srp structure.
* @param[out] verifier the buffer to write the verifier.
* @param[in,out] size the buffer size in bytes. Will be updated with the
* verifier size.
*
* @return 0 on success, {@literal <} 0 on error. @see error-crypt.h
*/
WOLFSSL_API int wc_SrpGetVerifier(Srp* srp, byte* verifier, word32* size);
/**
* Sets the private ephemeral value.
*
* The private ephemeral value is known as:
* a at the client side. a = random()
* b at the server side. b = random()
* This function is handy for unit test cases or if the developer wants to use
* an external random source to set the ephemeral value.
* This function MAY be called before wc_SrpGetPublic.
*
* @param[in,out] srp the Srp structure.
* @param[in] private the ephemeral value.
* @param[in] size the private size in bytes.
*
* @return 0 on success, {@literal <} 0 on error. @see error-crypt.h
*/
WOLFSSL_API int wc_SrpSetPrivate(Srp* srp, const byte* private, word32 size);
/**
* Gets the public ephemeral value.
*
* The public ephemeral value is known as:
* A at the client side. A = g ^ a % N
* B at the server side. B = (k * v + (g ˆ b % N)) % N
* This function MUST be called after wc_SrpSetPassword or wc_SrpSetVerifier.
*
* @param[in,out] srp the Srp structure.
* @param[out] public the buffer to write the public ephemeral value.
* @param[in,out] size the the buffer size in bytes. Will be updated with
* the ephemeral value size.
*
* @return 0 on success, {@literal <} 0 on error. @see error-crypt.h
*/
WOLFSSL_API int wc_SrpGetPublic(Srp* srp, byte* public, word32* size);
/**
* Computes the session key.
*
* This function is handy for unit test cases or if the developer wants to use
* an external random source to set the ephemeral value.
* This function MUST be called after wc_SrpSetPassword or wc_SrpSetVerifier.
*
* @param[in,out] srp the Srp structure.
* @param[out] public the buffer to write the public ephemeral value.
* @param[in,out] size the the buffer size in bytes. Will be updated with
the ephemeral value size.
*
* @return 0 on success, {@literal <} 0 on error. @see error-crypt.h
*/
WOLFSSL_API int wc_SrpComputeKey(Srp* srp,
byte* clientPubKey, word32 clientPubKeySz,
byte* serverPubKey, word32 serverPubKeySz);
/**
* Gets the proof.
*
* This function MUST be called after wc_SrpComputeKey.
*
* @param[in,out] srp the Srp structure.
* @param[out] proof the buffer to write the proof.
* @param[in,out] size the buffer size in bytes. Will be updated with the
* proof size.
*
* @return 0 on success, {@literal <} 0 on error. @see error-crypt.h
*/
WOLFSSL_API int wc_SrpGetProof(Srp* srp, byte* proof, word32* size);
/**
* Verifies the peers proof.
*
* This function MUST be called before wc_SrpGetSessionKey.
*
* @param[in,out] srp the Srp structure.
* @param[in] proof the peers proof.
* @param[in] size the proof size in bytes.
*
* @return 0 on success, {@literal <} 0 on error. @see error-crypt.h
*/
WOLFSSL_API int wc_SrpVerifyPeersProof(Srp* srp, byte* proof, word32 size);
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLFCRYPT_SRP_H */
#endif /* WOLFCRYPT_HAVE_SRP */
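Review bot: `SRP_DEFAULT_MIN_BITS 512` sets the floor for an acceptable SRP modulus at a size that is too small to protect the verifier, and the smallest group in RFC 5054 is 1024 bits; how the constant is enforced is in srp.c, outside this section. I would raise it and let integrators override it: `#ifndef SRP_DEFAULT_MIN_BITS`, `#define SRP_DEFAULT_MIN_BITS 1024`, `#endif`. The parameters named `private` and `public` in `wc_SrpSetPrivate` and `wc_SrpGetPublic` are C++ keywords, so the header will not compile from C++ despite the `extern "C"` block; `priv` and `pub` would do. Several doc comments are copy-pasted and should be corrected: `wc_SrpSetVerifier` is described as "Sets the password", `wc_SrpGetVerifier` is marked server-side although its text says the client computes v, and `wc_SrpComputeKey` documents `public` and `size` instead of its four key arguments. It would also help to state on `wc_SrpTerm` whether `auth`, `priv` and `key` are zeroized before being freed.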


@@ -718,7 +718,7 @@ int mp_radix_size (mp_int * a, int radix, int *size);
int mp_gcd(fp_int *a, fp_int *b, fp_int *c);
int mp_lcm(fp_int *a, fp_int *b, fp_int *c);
int mp_prime_is_prime(mp_int* a, int t, int* result);
int mp_rand_prime(mp_int* N, int len, RNG* rng, void* heap);
int mp_rand_prime(mp_int* N, int len, WC_RNG* rng, void* heap);
int mp_exch(mp_int *a, mp_int *b);
#endif /* WOLFSSL_KEY_GEN */


@@ -143,6 +143,9 @@
#ifdef HAVE_THREAD_LS
#if defined(_MSC_VER)
#define THREAD_LS_T __declspec(thread)
/* Thread local storage only in FreeRTOS v8.2.1 and higher */
#elif defined(FREERTOS)
#define THREAD_LS_T
#else
#define THREAD_LS_T __thread
#endif
@@ -176,7 +179,7 @@
#define XREALLOC(p, n, h, t) realloc((p), (n))
#elif !defined(MICRIUM_MALLOC) && !defined(EBSNET) \
&& !defined(WOLFSSL_SAFERTOS) && !defined(FREESCALE_MQX) \
&& !defined(WOLFSSL_LEANPSK)
&& !defined(WOLFSSL_LEANPSK) && !defined(FREERTOS)
/* default C runtime, can install different routines at runtime via cbs */
#include <wolfssl/wolfcrypt/memory.h>
#define XMALLOC(s, h, t) ((void)h, (void)t, wolfSSL_Malloc((s)))
@@ -212,7 +215,7 @@
#ifndef CTYPE_USER
#include <ctype.h>
#if defined(HAVE_ECC) || defined(HAVE_OCSP)
#if defined(HAVE_ECC) || defined(HAVE_OCSP) || defined(WOLFSSL_KEY_GEN)
#define XTOUPPER(c) toupper((c))
#define XISALPHA(c) isalpha((c))
#endif
@@ -268,7 +271,8 @@
DYNAMIC_TYPE_TLSX = 43,
DYNAMIC_TYPE_OCSP = 44,
DYNAMIC_TYPE_SIGNATURE = 45,
DYNAMIC_TYPE_HASHES = 46
DYNAMIC_TYPE_HASHES = 46,
DYNAMIC_TYPE_SRP = 47,
};
/* max error buffer string size */
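Review bot: On FreeRTOS the new branch defines `THREAD_LS_T` as empty while `HAVE_THREAD_LS` is still set, so anything declared with `THREAD_LS_T` becomes an ordinary global shared by all tasks, with no diagnostic. If that storage is written from more than one task (its users are not visible in this section), the result is a silent data race rather than a build failure. I would make the downgrade explicit in the comment, e.g. `/* NOTE: THREAD_LS_T is empty on FreeRTOS, so such variables are shared by all tasks */`, or reject `HAVE_THREAD_LS` for this port. Separately, `DYNAMIC_TYPE_SRP = 47,` leaves a trailing comma in the enum, which strict C89 compilers reject.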


@@ -0,0 +1,62 @@
/* wc_encrypt.h
*
* Copyright (C) 2006-2015 wolfSSL Inc.
*
* This file is part of wolfSSL. (formerly known as CyaSSL)
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifndef WOLF_CRYPT_ENCRYPT_H
#define WOLF_CRYPT_ENCRYPT_H
#include <wolfssl/wolfcrypt/types.h>
#ifdef __cplusplus
extern "C" {
#endif
#ifndef NO_AES
WOLFSSL_API int wc_AesCbcEncryptWithKey(byte* out, const byte* in, word32 inSz,
const byte* key, word32 keySz,
const byte* iv);
WOLFSSL_API int wc_AesCbcDecryptWithKey(byte* out, const byte* in, word32 inSz,
const byte* key, word32 keySz,
const byte* iv);
#endif /* !NO_AES */
#ifndef NO_DES3
WOLFSSL_API int wc_Des_CbcDecryptWithKey(byte* out,
const byte* in, word32 sz,
const byte* key, const byte* iv);
WOLFSSL_API int wc_Des_CbcEncryptWithKey(byte* out,
const byte* in, word32 sz,
const byte* key, const byte* iv);
WOLFSSL_API int wc_Des3_CbcEncryptWithKey(byte* out,
const byte* in, word32 sz,
const byte* key, const byte* iv);
WOLFSSL_API int wc_Des3_CbcDecryptWithKey(byte* out,
const byte* in, word32 sz,
const byte* key, const byte* iv);
#endif /* !NO_DES3 */
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLF_CRYPT_ENCRYPT_H */
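Review bot: None of the new `*WithKey` prototypes documents its buffer contract: `out` has no size parameter, the DES and 3DES variants take `key` and `iv` with no length, and the header does not say whether `sz` must be a whole number of cipher blocks. I would add a comment above each group, for example `/* out must hold at least inSz bytes; inSz is expected to be a multiple of the AES block size (confirm against wc_encrypt.c) */`, and state the fixed key and IV lengths the DES and 3DES calls read. The single-DES helpers are also grouped under `#ifndef NO_DES3`; if that is intentional, a short comment saying so would save the next reader a search.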