diff --git a/src/bio.c b/src/bio.c
index 1f51c0579..c558f38c8 100644
--- a/src/bio.c
+++ b/src/bio.c
@@ -54,6 +54,16 @@ static int wolfSSL_getLineLength(char* in, int inSz)
 }
+/* Gets the next line from bio. Goes until a new line character or end of
+ * buffer is reached.
+ *
+ * bio the structure to read a new line from
+ * buf buffer to hold the result
+ * sz the size of "buf" buffer
+ *
+ * returns the size of the result placed in buf on success and a 0 or negative
+ * value in an error case.
+ */
 int wolfSSL_BIO_gets(WOLFSSL_BIO* bio, char* buf, int sz)
 {
 int ret = WOLFSSL_BIO_UNSET;
diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c
index c83523c1d..b926f68e4 100644
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@@ -849,6 +849,8 @@ static const byte pbeSha1Des[] = {42, 134, 72, 134, 247, 13, 1, 5, 10};
 static const byte pbeSha1RC4128[] = {42, 134, 72, 134, 247, 13, 1, 12, 1, 1};
 static const byte pbeSha1Des3[] = {42, 134, 72, 134, 247, 13, 1, 12, 1, 3};
+
+/* returns a pointer to the OID string on success and NULL on fail */
 const byte* OidFromId(word32 id, word32 type, word32* oidSz)
 {
 const byte* oid = NULL;
@@ -1956,7 +1958,10 @@ static int CheckAlgoV2(int oid, int* id)
 }
-/* Decrypt/Encrypt input in place from parameters based on id */
+/* Decrypt/Encrypt input in place from parameters based on id
+ *
+ * returns a negative value on fail case
+ */
 static int CryptKey(const char* password, int passwordSz, byte* salt, int saltSz, int iterations, int id, byte* input, int length, int version, byte* cbcIv, int enc)
@@ -2266,6 +2271,8 @@ int wc_GetKeyOID(byte* key, word32 keySz, const byte** curveOID, word32* oidSz,
 * vAlgo is the algorithm version to use
 *
 * if salt is NULL a random number is generated
+ *
+ * returns the size of encrypted data on success
 */
 int UnTraditionalEnc(byte* key, word32 keySz, byte* out, word32* outSz,
 const char* password,int passwordSz, int vPKCS, int vAlgo,
@@ -2336,7 +2343,7 @@ int UnTraditionalEnc(byte* key, word32 keySz, byte* out, word32* outSz,
 }
- /* leave room for a sequence (contains salt and itterations int) */
+ /* leave room for a sequence (contains salt and iterations int) */
 inOutIdx += MAX_SEQ_SZ; sz = 0; /* place salt in buffer */
@@ -2346,7 +2353,7 @@ int UnTraditionalEnc(byte* key, word32 keySz, byte* out, word32* outSz,
 XMEMCPY(out + inOutIdx, salt, saltSz); inOutIdx += saltSz; sz += saltSz;
- /* place itteration count in buffer */
+ /* place iteration count in buffer */
 out[inOutIdx++] = ASN_INTEGER; sz++; out[inOutIdx++] = sizeof(word32); sz++; out[inOutIdx++] = (itt >> 24) & 0xFF;
diff --git a/wolfcrypt/src/evp.c b/wolfcrypt/src/evp.c
index 534ad469d..87a8981ad 100644
--- a/wolfcrypt/src/evp.c
+++ b/wolfcrypt/src/evp.c
@@ -782,6 +782,13 @@ WOLFSSL_API int wolfSSL_EVP_PKEY_encrypt(WOLFSSL_EVP_PKEY_CTX *ctx,
 }
 }
+
+/* Initialize a WOLFSSL_EVP_PKEY_CTX structure to encrypt data
+ *
+ * ctx WOLFSSL_EVP_PKEY_CTX structure to use with encryption
+ *
+ * Returns WOLFSSL_FAILURE on failure and WOLFSSL_SUCCESS on success
+ */
 WOLFSSL_API int wolfSSL_EVP_PKEY_encrypt_init(WOLFSSL_EVP_PKEY_CTX *ctx)
 {
 if (ctx == NULL) return WOLFSSL_FAILURE;
@@ -801,6 +808,13 @@ WOLFSSL_API int wolfSSL_EVP_PKEY_encrypt_init(WOLFSSL_EVP_PKEY_CTX *ctx)
 }
+
+/* Get the size in bits for WOLFSSL_EVP_PKEY key
+ *
+ * pkey WOLFSSL_EVP_PKEY structure to get key size of
+ *
+ * returns the size in bits of key on success
+ */
 WOLFSSL_API int wolfSSL_EVP_PKEY_bits(const WOLFSSL_EVP_PKEY *pkey)
 {
 int bytes;
@@ -811,6 +825,14 @@ WOLFSSL_API int wolfSSL_EVP_PKEY_bits(const WOLFSSL_EVP_PKEY *pkey)
 return bytes*8 ;
 }
+
+/* Get the size in bytes for WOLFSSL_EVP_PKEY key
+ *
+ * pkey WOLFSSL_EVP_PKEY structure to get key size of
+ *
+ * returns the size of a key on success which is the maximum size of a
+ * signature
+ */
 WOLFSSL_API int wolfSSL_EVP_PKEY_size(WOLFSSL_EVP_PKEY *pkey)
 {
 if (pkey == NULL)return 0;
@@ -836,13 +858,30 @@ WOLFSSL_API int wolfSSL_EVP_PKEY_size(WOLFSSL_EVP_PKEY *pkey)
 }
 }
+
+/* Initialize structure for signing
+ *
+ * ctx WOLFSSL_EVP_MD_CTX structure to initialize
+ * type is the type of message digest to use
+ *
+ * returns WOLFSSL_SUCCESS on success
+ */
 WOLFSSL_API int wolfSSL_EVP_SignInit(WOLFSSL_EVP_MD_CTX *ctx, const WOLFSSL_EVP_MD *type)
 {
- if (ctx == NULL)return 0;
+ if (ctx == NULL) return WOLFSSL_FAILURE;
 WOLFSSL_ENTER("EVP_SignInit");
 return wolfSSL_EVP_DigestInit(ctx,type);
 }
+
+/* Update structure with data for signing
+ *
+ * ctx WOLFSSL_EVP_MD_CTX structure to update
+ * data buffer holding data to update with for sign
+ * len length of data buffer
+ *
+ * returns WOLFSSL_SUCCESS on success
+ */
 WOLFSSL_API int wolfSSL_EVP_SignUpdate(WOLFSSL_EVP_MD_CTX *ctx, const void *data, size_t len)
 {
 if (ctx == NULL)return 0;
@@ -869,6 +908,15 @@ static int md2nid(int md)
 }
 #endif /* NO_RSA */
+/* Finalize structure for signing
+ *
+ * ctx WOLFSSL_EVP_MD_CTX structure to finalize
+ * sigret buffer to hold resulting signature
+ * siglen length of sigret buffer
+ * pkey key to sign with
+ *
+ * returns WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on failure
+ */
 WOLFSSL_API int wolfSSL_EVP_SignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen, WOLFSSL_EVP_PKEY *pkey)
 {
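Review bot: wolfSSL_EVP_SignUpdate, at the end of the first hunk on this line, still guards with `if (ctx == NULL)return 0;` while its sibling wolfSSL_EVP_SignInit was switched to the named constant; the line should read `if (ctx == NULL) return WOLFSSL_FAILURE;` so the Sign and Verify families use the same form. The new comments on SignInit and SignUpdate also document only the success value, although both functions have a NULL-ctx failure return; ending them with `returns WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on failure` would match the wording used for SignFinal. The body of wolfSSL_EVP_SignUpdate continues outside the hunk.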
@@ -904,20 +952,47 @@ WOLFSSL_API int wolfSSL_EVP_SignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *si
 }
 }
+
+/* Initialize structure for verifying signature
+ *
+ * ctx WOLFSSL_EVP_MD_CTX structure to initialize
+ * type is the type of message digest to use
+ *
+ * returns WOLFSSL_SUCCESS on success
+ */
 WOLFSSL_API int wolfSSL_EVP_VerifyInit(WOLFSSL_EVP_MD_CTX *ctx, const WOLFSSL_EVP_MD *type)
 {
- if (ctx == NULL)return 0;
+ if (ctx == NULL) return WOLFSSL_FAILURE;
 WOLFSSL_ENTER("EVP_VerifyInit");
 return wolfSSL_EVP_DigestInit(ctx,type);
 }
+
+/* Update structure for verifying signature
+ *
+ * ctx WOLFSSL_EVP_MD_CTX structure to update
+ * data buffer holding data to update with for verify
+ * len length of data buffer
+ *
+ * returns WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on failure
+ */
 WOLFSSL_API int wolfSSL_EVP_VerifyUpdate(WOLFSSL_EVP_MD_CTX *ctx, const void *data, size_t len)
 {
- if (ctx == NULL)return 0;
+ if (ctx == NULL) return WOLFSSL_FAILURE;
 WOLFSSL_ENTER("EVP_VerifyUpdate");
 return wolfSSL_EVP_DigestUpdate(ctx, data, len);
 }
+
+/* Finalize structure for verifying signature
+ *
+ * ctx WOLFSSL_EVP_MD_CTX structure to finalize
+ * sig buffer holding signature
+ * siglen length of sig buffer
+ * pkey key to verify with
+ *
+ * returns WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on failure
+ */
 WOLFSSL_API int wolfSSL_EVP_VerifyFinal(WOLFSSL_EVP_MD_CTX *ctx,
 unsigned char*sig, unsigned int siglen, WOLFSSL_EVP_PKEY *pkey)
 {
@@ -925,7 +1000,7 @@ WOLFSSL_API int wolfSSL_EVP_VerifyFinal(WOLFSSL_EVP_MD_CTX *ctx,
 unsigned char md[MAX_DIGEST_SIZE];
 unsigned int mdsize;
- if (ctx == NULL) return 0;
+ if (ctx == NULL) return WOLFSSL_FAILURE;
 WOLFSSL_ENTER("EVP_VerifyFinal");
 ret = wolfSSL_EVP_DigestFinal(ctx, md, &mdsize);
 if (ret <= 0) return ret;
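Review bot: In wolfSSL_EVP_VerifyFinal the context line `if (ret <= 0) return ret;` forwards whatever wolfSSL_EVP_DigestFinal returned, so the function can return something other than the WOLFSSL_SUCCESS / WOLFSSL_FAILURE pair that the new header comment promises. If DigestFinal can report errors as negative codes (its definition is not visible here), a caller that tests the result for truthiness would accept a failed verification as a valid signature. Changing the line to `if (ret <= 0) return WOLFSSL_FAILURE;` keeps the documented contract, and the `return wolfSSL_RSA_verify(...)` path in the following hunk deserves the same check against its own return convention. The function body continues outside this hunk.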
@@ -937,7 +1012,7 @@ WOLFSSL_API int wolfSSL_EVP_VerifyFinal(WOLFSSL_EVP_MD_CTX *ctx,
 #if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
 case EVP_PKEY_RSA:{
 int nid = md2nid(ctx->macType);
- if(nid < 0)return 0;
+ if (nid < 0) return WOLFSSL_FAILURE;
 return wolfSSL_RSA_verify(nid, md, mdsize, sig, (unsigned int)siglen, pkey->rsa);
 }
diff --git a/wolfcrypt/src/logging.c b/wolfcrypt/src/logging.c
index ea8ec051a..6329f1e0b 100644
--- a/wolfcrypt/src/logging.c
+++ b/wolfcrypt/src/logging.c
@@ -385,6 +385,8 @@ int wc_PeekErrorNode(int idx, const char **file, const char **reason,
 * file pointer to file that error was in. Can be NULL to return no file.
 * reason error string giving reason for error. Can be NULL to return no reason.
 * line retrun line number of where error happened.
+ *
+ * returns the error value on success and BAD_MUTEX_E or BAD_STATE_E on failure
 */
 int wc_PullErrorNode(const char **file, const char **reason, int *line)
 {
diff --git a/wolfcrypt/src/pkcs12.c b/wolfcrypt/src/pkcs12.c
index d2ebdb7b4..a33dd9a16 100644
--- a/wolfcrypt/src/pkcs12.c
+++ b/wolfcrypt/src/pkcs12.c
@@ -470,7 +470,11 @@ exit_gsd:
 }
-/* expects PKCS12 signData to be set up with OID */
+/* expects PKCS12 signData to be set up with OID
+ *
+ * returns the size of mac created on success. A negative value will be returned
+ * in the case that an error happened.
+ */
 static int wc_PKCS12_create_mac(WC_PKCS12* pkcs12, byte* data, word32 dataSz, const byte* psw, word32 pswSz, byte* out, word32 outSz)
 {
@@ -1610,6 +1614,8 @@ static int wc_PKCS12_encrypt_content(WC_PKCS12* pkcs12, WC_RNG* rng,
 * iter : number of itterations with encryption
 * macIter : number of itterations when creating MAC
 * keyType : flag for signature and/or encryption key
+ *
+ * returns a pointer to a new WC_PKCS12 structure on success and NULL if failed
 */
 WC_PKCS12* wc_PKCS12_create(char* pass, word32 passSz, char* name,
 byte* key, word32 keySz, byte* cert, word32 certSz, WC_DerCertList* ca,
@@ -1638,10 +1644,22 @@ WC_PKCS12* wc_PKCS12_create(char* pass, word32 passSz, char* name,
 WOLFSSL_ENTER("wc_PKCS12_create()");
- pkcs12 = wc_PKCS12_new();
- wc_PKCS12_SetHeap(pkcs12, heap);
- wc_InitRng_ex(&rng, heap, INVALID_DEVID);
+ if ((ret = wc_InitRng_ex(&rng, heap, INVALID_DEVID)) != 0) {
+ return NULL;
+ }
+ if ((pkcs12 = wc_PKCS12_new()) == NULL) {
+ wc_FreeRng(&rng);
+ WOLFSSL_LEAVE("wc_PKCS12_create", MEMORY_E);
+ return NULL;
+ }
+
+ if ((ret = wc_PKCS12_SetHeap(pkcs12, heap)) != 0) {
+ wc_PKCS12_free(pkcs12);
+ wc_FreeRng(&rng);
+ WOLFSSL_LEAVE("wc_PKCS12_create", ret);
+ return NULL;
+ }
 if (iter <= 0) {
 iter = WC_PKCS12_ITT_DEFAULT;
@@ -1690,7 +1708,7 @@ WC_PKCS12* wc_PKCS12_create(char* pass, word32 passSz, char* name,
 if (keyBuf == NULL) {
 wc_PKCS12_free(pkcs12);
 wc_FreeRng(&rng);
- WOLFSSL_MSG("Memory error");
+ WOLFSSL_LEAVE("wc_PKCS12_create", MEMORY_E);
 return NULL;
 }
@@ -2037,7 +2055,7 @@ int wc_PKCS12_SetHeap(WC_PKCS12* pkcs12, void* heap)
 }
 pkcs12->heap = heap;
- return 1;
+ return 0;
 }
diff --git a/wolfssl/wolfcrypt/pkcs12.h b/wolfssl/wolfcrypt/pkcs12.h
index a8442f443..56850f347 100644
--- a/wolfssl/wolfcrypt/pkcs12.h
+++ b/wolfssl/wolfcrypt/pkcs12.h
@@ -57,8 +57,8 @@ WOLFSSL_API WC_PKCS12* wc_PKCS12_create(char* pass, word32 passSz,
 int keyType, void* heap);
-WOLFSSL_API int wc_PKCS12_SetHeap(WC_PKCS12* pkcs12, void* heap);
-WOLFSSL_API void* wc_PKCS12_GetHeap(WC_PKCS12* pkcs12);
+WOLFSSL_LOCAL int wc_PKCS12_SetHeap(WC_PKCS12* pkcs12, void* heap);
+WOLFSSL_LOCAL void* wc_PKCS12_GetHeap(WC_PKCS12* pkcs12);
 WOLFSSL_LOCAL void wc_FreeCertList(WC_DerCertList* list, void* heap);
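Review bot: The first new failure path in wc_PKCS12_create, the `return NULL;` under `if ((ret = wc_InitRng_ex(&rng, heap, INVALID_DEVID)) != 0)`, discards the error code silently while the two paths after it report through WOLFSSL_LEAVE. Adding `WOLFSSL_LEAVE("wc_PKCS12_create", ret);` before that return would make an RNG initialisation failure visible in debug logs, which matters here because the RNG feeds the salt and key material produced later in the function. The function starts and ends outside this hunk, so the remaining exit paths are not checked here.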
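Review bot: wc_PKCS12_SetHeap now reports success as 0 instead of 1, and neither the definition nor the prototype states the return convention, so any caller outside this diff that still compares the result with 1 would read success as failure. A comment above the definition such as `/* returns 0 on success */`, extended with the value of the early return that sits above this hunk, would pin the contract down. The header hunk also moves wc_PKCS12_SetHeap and wc_PKCS12_GetHeap from WOLFSSL_API to WOLFSSL_LOCAL, which presumably drops them from the exported interface; applications that called them directly would be affected, so the visibility change is worth confirming as intentional.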