diff --git a/src/internal.c b/src/internal.c index 7ff4ae4e6..63923406b 100755 --- a/src/internal.c +++ b/src/internal.c @@ -7794,7 +7794,6 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx, { int ret = 0; #ifdef WOLFSSL_ASYNC_CRYPT - WC_ASYNC_DEV* asyncDev; ProcPeerCertArgs* args = (ProcPeerCertArgs*)ssl->async.args; typedef char args_test[sizeof(ssl->async.args) >= sizeof(*args) ? 1 : -1]; (void)sizeof(args_test); @@ -8022,31 +8021,23 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx, args->certs[args->certIdx].buffer, args->certs[args->certIdx].length, ssl->heap); args->dCert->sigCtx.devId = ssl->devId; /* setup async dev */ + #ifdef WOLFSSL_ASYNC_CRYPT + args->dCert->sigCtx.asyncCtx = ssl; + #endif args->dCertInit = 1; } - #ifdef WOLFSSL_ASYNC_CRYPT - do { - /* intialize event */ - asyncDev = args->dCert->sigCtx.asyncDev; - if (asyncDev) { - ret = wolfSSL_AsyncInit(ssl, asyncDev, - WC_ASYNC_FLAG_CALL_AGAIN); - if (ret != 0) - break; - } - #endif - ret = ParseCertRelative(args->dCert, CERT_TYPE, 0, - ssl->ctx->cm); - if (ret != 0 && ret != WC_PENDING_E) - goto exit_ppc; + ret = ParseCertRelative(args->dCert, CERT_TYPE, 0, + ssl->ctx->cm); + if (ret != 0 && ret != WC_PENDING_E) + goto exit_ppc; #ifdef WOLFSSL_ASYNC_CRYPT - if (asyncDev && ret == WC_PENDING_E) { - ret = wolfSSL_AsyncPush(ssl, asyncDev); - goto exit_ppc; - } - } while (ret == WC_PENDING_E && asyncDev == NULL) + if (ret == WC_PENDING_E) { + ret = wolfSSL_AsyncPush(ssl, + args->dCert->sigCtx.asyncDev); + goto exit_ppc; + } #endif #ifndef NO_SKID @@ -8098,31 +8089,23 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx, args->certs[args->certIdx].buffer, args->certs[args->certIdx].length, ssl->heap); args->dCert->sigCtx.devId = ssl->devId; + #ifdef WOLFSSL_ASYNC_CRYPT + args->dCert->sigCtx.asyncCtx = ssl; + #endif args->dCertInit = 1; } - #ifdef WOLFSSL_ASYNC_CRYPT - do { - /* intialize event */ - asyncDev = args->dCert->sigCtx.asyncDev; - if (asyncDev) { - ret = wolfSSL_AsyncInit(ssl, asyncDev, - WC_ASYNC_FLAG_CALL_AGAIN); - if (ret != 0) - goto exit_ppc; - } - #endif - ret = ParseCertRelative(args->dCert, CERT_TYPE, 0, + ret = ParseCertRelative(args->dCert, CERT_TYPE, 0, ssl->ctx->cm); - if (ret != 0 && ret != WC_PENDING_E) { - goto exit_ppc; - } + if (ret != 0 && ret != WC_PENDING_E) { + goto exit_ppc; + } #ifdef WOLFSSL_ASYNC_CRYPT - if (asyncDev && ret == WC_PENDING_E) { - ret = wolfSSL_AsyncPush(ssl, asyncDev); - goto exit_ppc; - } - } while (ret == WC_PENDING_E && asyncDev == NULL); + if (ret == WC_PENDING_E) { + ret = wolfSSL_AsyncPush(ssl, + args->dCert->sigCtx.asyncDev); + goto exit_ppc; + } #endif #ifndef NO_SKID @@ -8153,28 +8136,20 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx, args->certs[args->certIdx].buffer, args->certs[args->certIdx].length, ssl->heap); args->dCert->sigCtx.devId = ssl->devId; /* setup async dev */ + #ifdef WOLFSSL_ASYNC_CRYPT + args->dCert->sigCtx.asyncCtx = ssl; + #endif args->dCertInit = 1; } - #ifdef WOLFSSL_ASYNC_CRYPT - do { - /* intialize event */ - asyncDev = args->dCert->sigCtx.asyncDev; - if (asyncDev) { - ret = wolfSSL_AsyncInit(ssl, asyncDev, - WC_ASYNC_FLAG_CALL_AGAIN); - if (ret != 0) - goto exit_ppc; - } - #endif - ret = ParseCertRelative(args->dCert, CERT_TYPE, + ret = ParseCertRelative(args->dCert, CERT_TYPE, !ssl->options.verifyNone, ssl->ctx->cm); #ifdef WOLFSSL_ASYNC_CRYPT - if (asyncDev && ret == WC_PENDING_E) { - ret = wolfSSL_AsyncPush(ssl, asyncDev); - goto exit_ppc; - } - } while (ret == WC_PENDING_E && asyncDev == NULL); + if (ret == WC_PENDING_E) { + ret = wolfSSL_AsyncPush(ssl, + args->dCert->sigCtx.asyncDev); + goto exit_ppc; + } #endif #ifndef NO_SKID @@ -8352,6 +8327,10 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx, InitDecodedCert(args->dCert, args->certs[args->certIdx].buffer, args->certs[args->certIdx].length, ssl->heap); + args->dCert->sigCtx.devId = ssl->devId; /* setup async dev */ + #ifdef WOLFSSL_ASYNC_CRYPT + args->dCert->sigCtx.asyncCtx = ssl; + #endif args->dCertInit = 1; } @@ -8359,26 +8338,15 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx, if (!haveTrustPeer) #endif { - #ifdef WOLFSSL_ASYNC_CRYPT - do { - /* intialize event */ - asyncDev = args->dCert->sigCtx.asyncDev; - if (asyncDev) { - ret = wolfSSL_AsyncInit(ssl, asyncDev, - WC_ASYNC_FLAG_CALL_AGAIN); - if (ret != 0) - goto exit_ppc; - } - #endif - /* only parse if not already present in dCert from above */ - ret = ParseCertRelative(args->dCert, CERT_TYPE, + /* only parse if not already present in dCert from above */ + ret = ParseCertRelative(args->dCert, CERT_TYPE, !ssl->options.verifyNone, ssl->ctx->cm); #ifdef WOLFSSL_ASYNC_CRYPT - if (asyncDev && ret == WC_PENDING_E) { - ret = wolfSSL_AsyncPush(ssl, asyncDev); - goto exit_ppc; - } - } while (ret == WC_PENDING_E && asyncDev == NULL); + if (ret == WC_PENDING_E) { + ret = wolfSSL_AsyncPush(ssl, + args->dCert->sigCtx.asyncDev); + goto exit_ppc; + } #endif } diff --git a/tests/api.c b/tests/api.c index 0e1538bee..6f8f1b2d8 100644 --- a/tests/api.c +++ b/tests/api.c @@ -4209,6 +4209,10 @@ static int test_wc_Md5HmacSetKey (void) printf(testingFmt, "wc_HmacSetKey() with MD5"); + ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID); + if (ret != 0) + return ret; + for (itr = 0; itr < times; itr++) { ret = wc_HmacSetKey(&hmac, MD5, (byte*)keys[itr], (word32)XSTRLEN(keys[itr])); @@ -4254,6 +4258,8 @@ static int test_wc_Md5HmacSetKey (void) #endif } + wc_HmacFree(&hmac); + printf(resultFmt, flag == 0 ? passed : failed); #endif @@ -4288,6 +4294,10 @@ static int test_wc_ShaHmacSetKey (void) printf(testingFmt, "wc_HmacSetKey() with SHA"); + ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID); + if (ret != 0) + return ret; + for (itr = 0; itr < times; itr++) { ret = wc_HmacSetKey(&hmac, SHA, (byte*)keys[itr], (word32)XSTRLEN(keys[itr])); @@ -4333,6 +4343,8 @@ static int test_wc_ShaHmacSetKey (void) #endif } + wc_HmacFree(&hmac); + printf(resultFmt, flag == 0 ? passed : failed); #endif @@ -4366,6 +4378,10 @@ static int test_wc_Sha224HmacSetKey (void) printf(testingFmt, "wc_HmacSetKey() with SHA 224"); + ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID); + if (ret != 0) + return ret; + for (itr = 0; itr < times; itr++) { ret = wc_HmacSetKey(&hmac, SHA224, (byte*)keys[itr], (word32)XSTRLEN(keys[itr])); @@ -4411,6 +4427,8 @@ static int test_wc_Sha224HmacSetKey (void) #endif } + wc_HmacFree(&hmac); + printf(resultFmt, flag == 0 ? passed : failed); #endif @@ -4444,6 +4462,10 @@ static int test_wc_Sha256HmacSetKey (void) printf(testingFmt, "wc_HmacSetKey() with SHA256"); + ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID); + if (ret != 0) + return ret; + for (itr = 0; itr < times; itr++) { ret = wc_HmacSetKey(&hmac, SHA256, (byte*)keys[itr], (word32)XSTRLEN(keys[itr])); @@ -4489,6 +4511,8 @@ static int test_wc_Sha256HmacSetKey (void) #endif } + wc_HmacFree(&hmac); + printf(resultFmt, flag == 0 ? passed : failed); #endif @@ -4522,6 +4546,10 @@ static int test_wc_Sha384HmacSetKey (void) printf(testingFmt, "wc_HmacSetKey() with SHA384"); + ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID); + if (ret != 0) + return ret; + for (itr = 0; itr < times; itr++) { ret = wc_HmacSetKey(&hmac, SHA384, (byte*)keys[itr], (word32)XSTRLEN(keys[itr])); @@ -4567,6 +4595,8 @@ static int test_wc_Sha384HmacSetKey (void) #endif } + wc_HmacFree(&hmac); + printf(resultFmt, flag == 0 ? passed : failed); #endif @@ -4601,6 +4631,10 @@ static int test_wc_Md5HmacUpdate (void) printf(testingFmt, "wc_HmacUpdate() with MD5"); + ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID); + if (ret != 0) + return ret; + ret = wc_HmacSetKey(&hmac, MD5, (byte*)keys, (word32)XSTRLEN(keys)); if (ret != 0) { flag = ret; @@ -4642,6 +4676,8 @@ static int test_wc_Md5HmacUpdate (void) } } + wc_HmacFree(&hmac); + printf(resultFmt, flag == 0 ? passed : failed); #endif @@ -4675,6 +4711,10 @@ static int test_wc_ShaHmacUpdate (void) printf(testingFmt, "wc_HmacUpdate() with SHA"); + ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID); + if (ret != 0) + return ret; + ret = wc_HmacSetKey(&hmac, SHA, (byte*)keys, (word32)XSTRLEN(keys)); if (ret != 0) { flag = ret; @@ -4716,6 +4756,8 @@ static int test_wc_ShaHmacUpdate (void) } } + wc_HmacFree(&hmac); + printf(resultFmt, flag == 0 ? passed : failed); #endif @@ -4749,6 +4791,10 @@ static int test_wc_Sha224HmacUpdate (void) printf(testingFmt, "wc_HmacUpdate() with SHA224"); + ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID); + if (ret != 0) + return ret; + ret = wc_HmacSetKey(&hmac, SHA224, (byte*)keys, (word32)XSTRLEN(keys)); if (ret != 0) { flag = ret; @@ -4790,6 +4836,8 @@ static int test_wc_Sha224HmacUpdate (void) } } + wc_HmacFree(&hmac); + printf(resultFmt, flag == 0 ? passed : failed); #endif @@ -4823,6 +4871,10 @@ static int test_wc_Sha256HmacUpdate (void) printf(testingFmt, "wc_HmacUpdate() with SHA256"); + ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID); + if (ret != 0) + return ret; + ret = wc_HmacSetKey(&hmac, SHA256, (byte*)keys, (word32)XSTRLEN(keys)); if (ret != 0) { flag = ret; @@ -4864,6 +4916,8 @@ static int test_wc_Sha256HmacUpdate (void) } } + wc_HmacFree(&hmac); + printf(resultFmt, flag == 0 ? passed : failed); #endif @@ -4897,6 +4951,10 @@ static int test_wc_Sha384HmacUpdate (void) printf(testingFmt, "wc_HmacUpdate() with SHA384"); + ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID); + if (ret != 0) + return ret; + ret = wc_HmacSetKey(&hmac, SHA384, (byte*)keys, (word32)XSTRLEN(keys)); if (ret != 0) { flag = ret; @@ -4938,6 +4996,8 @@ static int test_wc_Sha384HmacUpdate (void) } } + wc_HmacFree(&hmac); + printf(resultFmt, flag == 0 ? passed : failed); #endif @@ -4971,13 +5031,11 @@ static int test_wc_Md5HmacFinal (void) ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID); if (ret != 0) - flag = ret; + return ret; - if (!flag) { - ret = wc_HmacSetKey(&hmac, MD5, (byte*)key, (word32)XSTRLEN(key)); - if (ret != 0) { - flag = ret; - } + ret = wc_HmacSetKey(&hmac, MD5, (byte*)key, (word32)XSTRLEN(key)); + if (ret != 0) { + flag = ret; } if (!flag) { @@ -5053,13 +5111,11 @@ static int test_wc_ShaHmacFinal (void) ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID); if (ret != 0) - flag = ret; + return ret; - if (!flag) { - ret = wc_HmacSetKey(&hmac, SHA, (byte*)key, (word32)XSTRLEN(key)); - if (ret != 0) { - flag = ret; - } + ret = wc_HmacSetKey(&hmac, SHA, (byte*)key, (word32)XSTRLEN(key)); + if (ret != 0) { + flag = ret; } if (!flag) { @@ -5136,13 +5192,11 @@ static int test_wc_Sha224HmacFinal (void) ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID); if (ret != 0) - flag = ret; + return ret; - if (!flag) { - ret = wc_HmacSetKey(&hmac, SHA224, (byte*)key, (word32)XSTRLEN(key)); - if (ret != 0) { - flag = ret; - } + ret = wc_HmacSetKey(&hmac, SHA224, (byte*)key, (word32)XSTRLEN(key)); + if (ret != 0) { + flag = ret; } if (!flag) { @@ -5218,13 +5272,11 @@ static int test_wc_Sha256HmacFinal (void) ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID); if (ret != 0) - flag = ret; + return ret; - if (!flag) { - ret = wc_HmacSetKey(&hmac, SHA256, (byte*)key, (word32)XSTRLEN(key)); - if (ret != 0) { - flag = ret; - } + ret = wc_HmacSetKey(&hmac, SHA256, (byte*)key, (word32)XSTRLEN(key)); + if (ret != 0) { + flag = ret; } if (!flag) { @@ -5301,13 +5353,11 @@ static int test_wc_Sha384HmacFinal (void) ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID); if (ret != 0) - flag = ret; + return ret; - if (!flag) { - ret = wc_HmacSetKey(&hmac, SHA384, (byte*)key, (word32)XSTRLEN(key)); - if (ret != 0) { - flag = ret; - } + ret = wc_HmacSetKey(&hmac, SHA384, (byte*)key, (word32)XSTRLEN(key)); + if (ret != 0) { + flag = ret; } if (!flag) { @@ -5380,6 +5430,10 @@ static int test_wc_Des3_SetIV (void) printf(testingFmt, "wc_Des3_SetIV()"); + ret = wc_Des3Init(&des, NULL, INVALID_DEVID); + if (ret != 0) + return ret; + /* DES_ENCRYPTION or DES_DECRYPTION */ ret = wc_Des3_SetKey(&des, key, iv, DES_ENCRYPTION); @@ -5401,6 +5455,8 @@ static int test_wc_Des3_SetIV (void) } #endif + wc_Des3Free(&des); + printf(resultFmt, ret == 0 ? passed : failed); #endif @@ -5432,6 +5488,10 @@ static int test_wc_Des3_SetKey (void) printf(testingFmt, "wc_Des3_SetKey()"); + ret = wc_Des3Init(&des, NULL, INVALID_DEVID); + if (ret != 0) + return ret; + /* DES_ENCRYPTION or DES_DECRYPTION */ ret = wc_Des3_SetKey(&des, key, iv, DES_ENCRYPTION); if (ret == 0) { @@ -5455,6 +5515,8 @@ static int test_wc_Des3_SetKey (void) } } /* END if ret != 0 */ + wc_Des3Free(&des); + printf(resultFmt, ret == 0 ? passed : failed); #endif @@ -5495,6 +5557,10 @@ static int test_wc_Des3_CbcEncryptDecrypt (void) printf(testingFmt, "wc_Des3_CbcEncrypt()"); + ret = wc_Des3Init(&des, NULL, INVALID_DEVID); + if (ret != 0) + return ret; + ret = wc_Des3_SetKey(&des, key, iv, DES_ENCRYPTION); if (ret == 0) { @@ -5545,6 +5611,8 @@ static int test_wc_Des3_CbcEncryptDecrypt (void) } } + wc_Des3Free(&des); + printf(resultFmt, ret == 0 ? passed : failed); #endif @@ -5935,6 +6003,10 @@ static int test_wc_AesSetIV (void) printf(testingFmt, "wc_AesSetIV()"); + ret = wc_AesInit(&aes, NULL, INVALID_DEVID); + if (ret != 0) + return ret; + ret = wc_AesSetKey(&aes, key16, (word32) sizeof(key16) / sizeof(byte), iv1, AES_ENCRYPTION); if(ret == 0) { @@ -5951,6 +6023,8 @@ static int test_wc_AesSetIV (void) } } + wc_AesFree(&aes); + printf(resultFmt, ret == 0 ? passed : failed); #endif @@ -5994,10 +6068,11 @@ static int test_wc_AesSetKey (void) printf(testingFmt, "wc_AesSetKey()"); ret = wc_AesInit(&aes, NULL, INVALID_DEVID); - if (ret == 0) { - ret = wc_AesSetKey(&aes, key16, (word32) sizeof(key16) / sizeof(byte), + if (ret != 0) + return ret; + + ret = wc_AesSetKey(&aes, key16, (word32) sizeof(key16) / sizeof(byte), iv, AES_ENCRYPTION); - } if (ret == 0) { ret = wc_AesSetKey (&aes, key24, (word32) sizeof(key24) / sizeof(byte), iv, AES_ENCRYPTION); @@ -6022,6 +6097,8 @@ static int test_wc_AesSetKey (void) } } + wc_AesFree(&aes); + printf(resultFmt, ret == 0 ? passed : failed); #endif @@ -6066,9 +6143,10 @@ static int test_wc_AesCbcEncryptDecrypt (void) XMEMSET(dec2, 0, sizeof(vector)); ret = wc_AesInit(&aes, NULL, INVALID_DEVID); - if (ret == 0) { - ret = wc_AesSetKey(&aes, key32, AES_BLOCK_SIZE * 2, iv, AES_ENCRYPTION); - } + if (ret != 0) + return ret; + + ret = wc_AesSetKey(&aes, key32, AES_BLOCK_SIZE * 2, iv, AES_ENCRYPTION); if (ret == 0) { ret = wc_AesCbcEncrypt(&aes, enc, vector, sizeof(vector)); if (ret == 0) { @@ -6114,6 +6192,7 @@ static int test_wc_AesCbcEncryptDecrypt (void) } printf(resultFmt, cbcE == 0 ? passed : failed); if (cbcE != 0) { + wc_AesFree(&aes); return cbcE; } @@ -6137,6 +6216,7 @@ static int test_wc_AesCbcEncryptDecrypt (void) } printf(resultFmt, cbcD == 0 ? passed : failed); if (cbcD != 0) { + wc_AesFree(&aes); return cbcD; } @@ -6162,7 +6242,11 @@ static int test_wc_AesCbcEncryptDecrypt (void) cbcDWK = SSL_FATAL_ERROR; } } + + wc_AesFree(&aes); + printf(resultFmt, cbcDWK == 0 ? passed : failed); + if (cbcDWK != 0) { return cbcDWK; } @@ -6202,13 +6286,16 @@ static int test_wc_AesCtrEncryptDecrypt (void) printf(testingFmt, "wc_AesCtrEncrypt()"); ret = wc_AesInit(&aesEnc, NULL, INVALID_DEVID); - if (ret == 0) { - ret = wc_AesInit(&aesDec, NULL, INVALID_DEVID); + if (ret != 0) + return ret; + ret = wc_AesInit(&aesDec, NULL, INVALID_DEVID); + if (ret != 0) { + wc_AesFree(&aesEnc); + return ret; } - if (ret == 0) { - ret = wc_AesSetKey(&aesEnc, key32, AES_BLOCK_SIZE * 2, + + ret = wc_AesSetKey(&aesEnc, key32, AES_BLOCK_SIZE * 2, iv, AES_ENCRYPTION); - } if (ret == 0) { ret = wc_AesCtrEncrypt(&aesEnc, enc, vector, sizeof(vector)/sizeof(byte)); @@ -6241,6 +6328,9 @@ static int test_wc_AesCtrEncryptDecrypt (void) } } + wc_AesFree(&aesEnc); + wc_AesFree(&aesDec); + printf(resultFmt, ret == 0 ? passed : failed); #endif @@ -6296,6 +6386,10 @@ static int test_wc_AesGcmSetKey (void) printf(testingFmt, "wc_AesGcmSetKey()"); + ret = wc_AesInit(&aes, NULL, INVALID_DEVID); + if (ret != 0) + return ret; + ret = wc_AesGcmSetKey(&aes, key16, sizeof(key16)/sizeof(byte)); if (ret == 0) { ret = wc_AesGcmSetKey(&aes, key24, sizeof(key24)/sizeof(byte)); @@ -6320,6 +6414,8 @@ static int test_wc_AesGcmSetKey (void) } } + wc_AesFree(&aes); + printf(resultFmt, ret == 0 ? passed : failed); #endif @@ -6367,6 +6463,10 @@ static int test_wc_AesGcmEncryptDecrypt (void) XMEMSET(dec, 0, sizeof(vector)); XMEMSET(resultT, 0, AES_BLOCK_SIZE); + ret = wc_AesInit(&aes, NULL, INVALID_DEVID); + if (ret != 0) + return ret; + ret = wc_AesGcmSetKey(&aes, key32, sizeof(key32)/sizeof(byte)); if (ret == 0) { gcmE = wc_AesGcmEncrypt(&aes, enc, vector, sizeof(vector), @@ -6413,6 +6513,7 @@ static int test_wc_AesGcmEncryptDecrypt (void) printf(resultFmt, gcmE == 0 ? passed : failed); if (gcmE != 0) { + wc_AesFree(&aes); return gcmE; } @@ -6457,7 +6558,10 @@ static int test_wc_AesGcmEncryptDecrypt (void) printf(resultFmt, gcmD == 0 ? passed : failed); #endif /* HAVE_AES_DECRYPT */ + + wc_AesFree(&aes); #endif + return ret; } /* END test_wc_AesGcmEncryptDecrypt */ @@ -6509,6 +6613,10 @@ static int test_wc_GmacSetKey (void) printf(testingFmt, "wc_GmacSetKey()"); + ret = wc_AesInit(&gmac.aes, NULL, INVALID_DEVID); + if (ret != 0) + return ret; + ret = wc_GmacSetKey(&gmac, key16, sizeof(key16)/sizeof(byte)); if (ret == 0) { ret = wc_GmacSetKey(&gmac, key24, sizeof(key24)/sizeof(byte)); @@ -6539,6 +6647,8 @@ static int test_wc_GmacSetKey (void) } } + wc_AesFree(&gmac.aes); + printf(resultFmt, ret == 0 ? passed : failed); #endif @@ -6628,6 +6738,10 @@ static int test_wc_GmacUpdate (void) printf(testingFmt, "wc_GmacUpdate()"); + ret = wc_AesInit(&gmac.aes, NULL, INVALID_DEVID); + if (ret != 0) + return ret; + ret = wc_GmacSetKey(&gmac, key16, sizeof(key16)); if (ret == 0) { ret = wc_GmacUpdate(&gmac, iv, sizeof(iv), authIn, sizeof(authIn), @@ -6678,6 +6792,8 @@ static int test_wc_GmacUpdate (void) } } + wc_AesFree(&gmac.aes); + printf(resultFmt, ret == 0 ? passed : failed); #endif @@ -8323,6 +8439,10 @@ static int test_wc_AesCcmSetKey (void) printf(testingFmt, "wc_AesCcmSetKey()"); + ret = wc_AesInit(&aes, NULL, INVALID_DEVID); + if (ret != 0) + return ret; + ret = wc_AesCcmSetKey(&aes, key16, sizeof(key16)); if (ret == 0) { ret = wc_AesCcmSetKey(&aes, key24, sizeof(key24)); @@ -8347,6 +8467,8 @@ static int test_wc_AesCcmSetKey (void) } } + wc_AesFree(&aes); + printf(resultFmt, ret == 0 ? passed : failed); #endif @@ -8402,6 +8524,10 @@ static int test_wc_AesCcmEncryptDecrypt (void) byte plainOut[sizeof(cipherOut)]; #endif + ret = wc_AesInit(&aes, NULL, INVALID_DEVID); + if (ret != 0) + return ret; + ret = wc_AesCcmSetKey(&aes, key16, sizeof(key16)); if (ret == 0) { ccmE = wc_AesCcmEncrypt(&aes, cipherOut, plainT, sizeof(cipherOut), @@ -8472,6 +8598,7 @@ static int test_wc_AesCcmEncryptDecrypt (void) printf(resultFmt, ccmE == 0 ? passed : failed); if (ccmE != 0) { + wc_AesFree(&aes); return ccmE; } #ifdef HAVE_AES_DECRYPT @@ -8528,6 +8655,8 @@ static int test_wc_AesCcmEncryptDecrypt (void) } #endif + wc_AesFree(&aes); + #endif /* HAVE_AESCCM */ return ret; diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index a2a396941..d1bb9e790 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -2357,6 +2357,14 @@ static int DecryptKey(const char* password, int passwordSz, byte* salt, if (version == PKCS5v2 || version == PKCS12v1) desIv = cbcIv; + + ret = wc_Des3Init(&dec, NULL, INVALID_DEVID); + if (ret != 0) { +#ifdef WOLFSSL_SMALL_STACK + XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return ret; + } ret = wc_Des3_SetKey(&dec, key, desIv, DES_DECRYPTION); if (ret != 0) { #ifdef WOLFSSL_SMALL_STACK @@ -4649,11 +4657,11 @@ static int ConfirmSignature(SignatureCtx* sigCtx, sigCtx->state = SIG_STATE_DO; #ifdef WOLFSSL_ASYNC_CRYPT - if (sigCtx->devId != INVALID_DEVID) { - /* always return here, so we can properly init the async - context back in SSL world */ - ret = WC_PENDING_E; - goto exit_cs; + if (sigCtx->devId != INVALID_DEVID && sigCtx->asyncDev && sigCtx->asyncCtx) { + /* make sure event is intialized */ + WOLF_EVENT* event = &sigCtx->asyncDev->event; + ret = wolfAsync_EventInit(event, WOLF_EVENT_TYPE_ASYNC_WOLFSSL, + sigCtx->asyncCtx, WC_ASYNC_FLAG_CALL_AGAIN); } #endif } /* SIG_STATE_KEY */ diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c index 8659a09fd..e346e7e15 100755 --- a/wolfcrypt/src/ecc.c +++ b/wolfcrypt/src/ecc.c @@ -7097,7 +7097,7 @@ static int ecc_get_key_sizes(ecEncCtx* ctx, int* encKeySz, int* ivSz, int wc_ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx) { - int ret; + int ret = 0; word32 blockSz; word32 digestSz; ecEncCtx localCtx; @@ -7168,10 +7168,14 @@ int wc_ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, } #endif - ret = wc_ecc_shared_secret(privKey, pubKey, sharedSecret, &sharedSz); -#if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &privKey->asyncDev, WC_ASYNC_FLAG_CALL_AGAIN); -#endif + do { + #if defined(WOLFSSL_ASYNC_CRYPT) + ret = wc_AsyncWait(ret, &privKey->asyncDev, WC_ASYNC_FLAG_CALL_AGAIN); + if (ret != 0) + break; + #endif + ret = wc_ecc_shared_secret(privKey, pubKey, sharedSecret, &sharedSz); + } while (ret == WC_PENDING_E); if (ret == 0) { switch (ctx->kdfAlgo) { case ecHKDF_SHA256 : @@ -7255,7 +7259,7 @@ int wc_ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, int wc_ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx) { - int ret; + int ret = 0; word32 blockSz; word32 digestSz; ecEncCtx localCtx; @@ -7326,10 +7330,14 @@ int wc_ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, } #endif - ret = wc_ecc_shared_secret(privKey, pubKey, sharedSecret, &sharedSz); -#if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &privKey->asyncDev, WC_ASYNC_FLAG_CALL_AGAIN); -#endif + do { + #if defined(WOLFSSL_ASYNC_CRYPT) + ret = wc_AsyncWait(ret, &privKey->asyncDev, WC_ASYNC_FLAG_CALL_AGAIN); + if (ret != 0) + break; + #endif + ret = wc_ecc_shared_secret(privKey, pubKey, sharedSecret, &sharedSz); + } while (ret == WC_PENDING_E); if (ret == 0) { switch (ctx->kdfAlgo) { case ecHKDF_SHA256 : diff --git a/wolfcrypt/src/hmac.c b/wolfcrypt/src/hmac.c index 4aa9ce483..b423c4a4a 100755 --- a/wolfcrypt/src/hmac.c +++ b/wolfcrypt/src/hmac.c @@ -841,11 +841,15 @@ int wolfSSL_GetHmacMaxSize(void) saltSz = hashSz; } - ret = wc_HmacSetKey(&myHmac, type, localSalt, saltSz); - if (ret == 0) - ret = wc_HmacUpdate(&myHmac, inKey, inKeySz); - if (ret == 0) - ret = wc_HmacFinal(&myHmac, out); + ret = wc_HmacInit(&myHmac, NULL, INVALID_DEVID); + if (ret == 0) { + ret = wc_HmacSetKey(&myHmac, type, localSalt, saltSz); + if (ret == 0) + ret = wc_HmacUpdate(&myHmac, inKey, inKeySz); + if (ret == 0) + ret = wc_HmacFinal(&myHmac, out); + wc_HmacFree(&myHmac); + } return ret; } @@ -871,6 +875,10 @@ int wolfSSL_GetHmacMaxSize(void) word32 hashSz = wc_HmacSizeByType(type); byte n = 0x1; + ret = wc_HmacInit(&myHmac, NULL, INVALID_DEVID); + if (ret != 0) + return ret; + while (outIdx < outSz) { int tmpSz = (n == 1) ? 0 : hashSz; word32 left = outSz - outIdx; @@ -898,6 +906,8 @@ int wolfSSL_GetHmacMaxSize(void) n++; } + wc_HmacFree(&myHmac); + return ret; } diff --git a/wolfcrypt/src/wc_encrypt.c b/wolfcrypt/src/wc_encrypt.c index 2ebb884e4..c736f14b0 100644 --- a/wolfcrypt/src/wc_encrypt.c +++ b/wolfcrypt/src/wc_encrypt.c @@ -53,9 +53,14 @@ int wc_AesCbcDecryptWithKey(byte* out, const byte* in, word32 inSz, return MEMORY_E; #endif - ret = wc_AesSetKey(aes, key, keySz, iv, AES_DECRYPTION); - if (ret == 0) - ret = wc_AesCbcDecrypt(aes, out, in, inSz); + ret = wc_AesInit(aes, NULL, INVALID_DEVID); + if (ret == 0) { + ret = wc_AesSetKey(aes, key, keySz, iv, AES_DECRYPTION); + if (ret == 0) + ret = wc_AesCbcDecrypt(aes, out, in, inSz); + + wc_AesFree(aes); + } #ifdef WOLFSSL_SMALL_STACK XFREE(aes, NULL, DYNAMIC_TYPE_TMP_BUFFER); @@ -81,9 +86,14 @@ int wc_AesCbcEncryptWithKey(byte* out, const byte* in, word32 inSz, return MEMORY_E; #endif - ret = wc_AesSetKey(aes, key, keySz, iv, AES_ENCRYPTION); - if (ret == 0) - ret = wc_AesCbcEncrypt(aes, out, in, inSz); + ret = wc_AesInit(aes, NULL, INVALID_DEVID); + if (ret == 0) { + ret = wc_AesSetKey(aes, key, keySz, iv, AES_ENCRYPTION); + if (ret == 0) + ret = wc_AesCbcEncrypt(aes, out, in, inSz); + + wc_AesFree(aes); + } #ifdef WOLFSSL_SMALL_STACK XFREE(aes, NULL, DYNAMIC_TYPE_TMP_BUFFER); @@ -166,9 +176,13 @@ int wc_Des3_CbcEncryptWithKey(byte* out, const byte* in, word32 sz, return MEMORY_E; #endif - ret = wc_Des3_SetKey(des3, key, iv, DES_ENCRYPTION); - if (ret == 0) - ret = wc_Des3_CbcEncrypt(des3, out, in, sz); + ret = wc_Des3Init(des3, NULL, INVALID_DEVID); + if (ret == 0) { + ret = wc_Des3_SetKey(des3, key, iv, DES_ENCRYPTION); + if (ret == 0) + ret = wc_Des3_CbcEncrypt(des3, out, in, sz); + wc_Des3Free(des3); + } #ifdef WOLFSSL_SMALL_STACK XFREE(des3, NULL, DYNAMIC_TYPE_TMP_BUFFER); @@ -194,9 +208,13 @@ int wc_Des3_CbcDecryptWithKey(byte* out, const byte* in, word32 sz, return MEMORY_E; #endif - ret = wc_Des3_SetKey(des3, key, iv, DES_DECRYPTION); - if (ret == 0) - ret = wc_Des3_CbcDecrypt(des3, out, in, sz); + ret = wc_Des3Init(des3, NULL, INVALID_DEVID); + if (ret == 0) { + ret = wc_Des3_SetKey(des3, key, iv, DES_DECRYPTION); + if (ret == 0) + ret = wc_Des3_CbcDecrypt(des3, out, in, sz); + wc_Des3Free(des3); + } #ifdef WOLFSSL_SMALL_STACK XFREE(des3, NULL, DYNAMIC_TYPE_TMP_BUFFER); diff --git a/wolfssl/wolfcrypt/asn.h b/wolfssl/wolfcrypt/asn.h index 7af6ea5ad..2ffa39d0b 100644 --- a/wolfssl/wolfcrypt/asn.h +++ b/wolfssl/wolfcrypt/asn.h @@ -453,6 +453,7 @@ struct SignatureCtx { word32 keyOID; #ifdef WOLFSSL_ASYNC_CRYPT WC_ASYNC_DEV* asyncDev; + void* asyncCtx; #endif };