feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

wolfcrypt polish: init, checks, corrections (#6249)

Browse Source 
* wolfcrypt polish: init, checks, corrections
This commit is contained in:
gojimmypi
2023-04-18 18:41:42 +02:00
committed by GitHub
parent f7d7e4f30a
commit 98b718f91b
7 changed files with 67 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
wolfcrypt/src/aes.c
View File

@ -2676,6 +2676,24 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }
#if !defined(WOLFSSL_AES_128)
if (keylen == 16) {
return BAD_FUNC_ARG;
}
#endif
#if !defined(WOLFSSL_AES_192)
if (keylen == 24) {
return BAD_FUNC_ARG;
}
#endif
#if !defined(WOLFSSL_AES_256)
if (keylen == 32) {
return BAD_FUNC_ARG;
}
#endif
aes->keylen = keylen; aes->keylen = keylen;
aes->rounds = keylen/4 + 6; aes->rounds = keylen/4 + 6;

8
wolfcrypt/src/asn.c
View File

@ -19063,7 +19063,7 @@ exit:
#endif #endif
) { ) {
ASNGetData dataASN[policyInfoASN_Length]; ASNGetData dataASN[policyInfoASN_Length];
byte* data; byte* data = NULL;
word32 length = 0; word32 length = 0;
/* Clear dynamic data and check OID is a cert policy type. */ /* Clear dynamic data and check OID is a cert policy type. */
@ -20186,7 +20186,7 @@ static int DecodeCertInternal(DecodedCert* cert, int verify, int* criticalExt,
/* Check parameters starting with a SEQUENCE. */ /* Check parameters starting with a SEQUENCE. */
else if (dataASN[X509CERTASN_IDX_SIGALGO_PARAMS].tag != 0) { else if (dataASN[X509CERTASN_IDX_SIGALGO_PARAMS].tag != 0) {
word32 oid = dataASN[X509CERTASN_IDX_SIGALGO_OID].data.oid.sum; word32 oid = dataASN[X509CERTASN_IDX_SIGALGO_OID].data.oid.sum;
word32 sigAlgParamsSz; word32 sigAlgParamsSz = 0;
/* Parameters only with RSA PSS. */ /* Parameters only with RSA PSS. */
if (oid != CTC_RSASSAPSS) { if (oid != CTC_RSASSAPSS) {
@ -29291,9 +29291,9 @@ static int MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz,
return ret; return ret;
#else #else
DECL_ASNSETDATA(dataASN, certReqBodyASN_Length); DECL_ASNSETDATA(dataASN, certReqBodyASN_Length);
word32 publicKeySz; word32 publicKeySz = 0;
word32 subjectSz = 0; word32 subjectSz = 0;
word32 extSz; word32 extSz = 0;
int sz = 0; int sz = 0;
int ret = 0; int ret = 0;
#if defined(WOLFSSL_CERT_EXT) || defined(OPENSSL_EXTRA) #if defined(WOLFSSL_CERT_EXT) || defined(OPENSSL_EXTRA)

8
wolfcrypt/src/cmac.c
View File

@ -216,6 +216,7 @@ int wc_CmacFinal(Cmac* cmac, byte* out, word32* outSz)
{ {
int ret; int ret;
const byte* subKey; const byte* subKey;
word32 remainder;
if (cmac == NULL || out == NULL || outSz == NULL) { if (cmac == NULL || out == NULL || outSz == NULL) {
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
@ -237,7 +238,11 @@ int wc_CmacFinal(Cmac* cmac, byte* out, word32* outSz)
subKey = cmac->k1; subKey = cmac->k1;
} }
else { else {
word32 remainder = AES_BLOCK_SIZE - cmac->bufferSz; /* ensure we will have a valid remainder value */
if (cmac->bufferSz > AES_BLOCK_SIZE) {
return BAD_STATE_E;
}
remainder = AES_BLOCK_SIZE - cmac->bufferSz;
if (remainder == 0) { if (remainder == 0) {
remainder = AES_BLOCK_SIZE; remainder = AES_BLOCK_SIZE;
@ -245,6 +250,7 @@ int wc_CmacFinal(Cmac* cmac, byte* out, word32* outSz)
if (remainder > 1) { if (remainder > 1) {
XMEMSET(cmac->buffer + AES_BLOCK_SIZE - remainder, 0, remainder); XMEMSET(cmac->buffer + AES_BLOCK_SIZE - remainder, 0, remainder);
} }
cmac->buffer[AES_BLOCK_SIZE - remainder] = 0x80; cmac->buffer[AES_BLOCK_SIZE - remainder] = 0x80;
subKey = cmac->k2; subKey = cmac->k2;
} }

29
wolfcrypt/src/ed25519.c
View File

@ -53,17 +53,29 @@
#endif #endif
#if defined(HAVE_ED25519_SIGN) || defined(HAVE_ED25519_VERIFY) #if defined(HAVE_ED25519_SIGN) || defined(HAVE_ED25519_VERIFY)
#define ED25519CTX_SIZE 32 /* Set a static message string for "Sig No Collisions Message SNC".
** Note this is a static string per spec, see:
** https://datatracker.ietf.org/doc/rfc8032/
*/
#define ED25519CTX_SNC_MESSAGE "SigEd25519 no Ed25519 collisions"
#define ED25519CTX_SIZE 32 /* 32 chars: fixed length of SNC Message. */
static const byte ed25519Ctx[ED25519CTX_SIZE+1] = /* The 32 bytes of ED25519CTX_SIZE is used elsewhere, but we need one
"SigEd25519 no Ed25519 collisions"; ** more char for saving the line ending in our ed25519Ctx[] here: */
static const byte ed25519Ctx[ED25519CTX_SIZE + 1] = ED25519CTX_SNC_MESSAGE;
#endif #endif
static int ed25519_hash_init(ed25519_key* key, wc_Sha512 *sha) static int ed25519_hash_init(ed25519_key* key, wc_Sha512 *sha)
{ {
int ret; int ret;
#ifndef WOLFSSL_ED25519_PERSISTENT_SHA
/* when not using persistent SHA, we'll zero the sha param */
XMEMSET(sha, 0, sizeof(wc_Sha512));
#endif
ret = wc_InitSha512_ex(sha, key->heap, ret = wc_InitSha512_ex(sha, key->heap,
#if defined(WOLF_CRYPTO_CB) #if defined(WOLF_CRYPTO_CB)
key->devId key->devId
#else #else
@ -334,8 +346,9 @@ int wc_ed25519_sign_msg_ex(const byte* in, word32 inLen, byte* out,
#else #else
wc_Sha512 sha[1]; wc_Sha512 sha[1];
ret = ed25519_hash_init(key, sha); ret = ed25519_hash_init(key, sha);
if (ret < 0) if (ret < 0) {
return ret; return ret;
}
#endif #endif
if (type == Ed25519ctx || type == Ed25519ph) { if (type == Ed25519ctx || type == Ed25519ph) {
@ -386,6 +399,7 @@ int wc_ed25519_sign_msg_ex(const byte* in, word32 inLen, byte* out,
wc_Sha512 *sha = &key->sha; wc_Sha512 *sha = &key->sha;
#else #else
wc_Sha512 sha[1]; wc_Sha512 sha[1];
ret = ed25519_hash_init(key, sha); ret = ed25519_hash_init(key, sha);
if (ret < 0) if (ret < 0)
return ret; return ret;
@ -765,9 +779,10 @@ int wc_ed25519_verify_msg_ex(const byte* sig, word32 sigLen, const byte* msg,
sha = &key->sha; sha = &key->sha;
#else #else
ret = ed25519_hash_init(key, sha); ret = ed25519_hash_init(key, sha);
if (ret < 0) if (ret < 0) {
return ret; return ret;
#endif }
#endif /* WOLFSSL_ED25519_PERSISTENT_SHA */
ret = ed25519_verify_msg_init_with_sha(sig, sigLen, key, sha, type, context, ret = ed25519_verify_msg_init_with_sha(sig, sigLen, key, sha, type, context,
contextLen); contextLen);
@ -871,7 +886,9 @@ int wc_ed25519_init_ex(ed25519_key* key, void* heap, int devId)
if (key == NULL) if (key == NULL)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
/* for init, ensure the key is zeroed*/
XMEMSET(key, 0, sizeof(ed25519_key)); XMEMSET(key, 0, sizeof(ed25519_key));
#ifdef WOLF_CRYPTO_CB #ifdef WOLF_CRYPTO_CB
key->devId = devId; key->devId = devId;
#else #else

7
wolfcrypt/src/md5.c
View File

@ -450,7 +450,12 @@ int wc_Md5Final(wc_Md5* md5, byte* hash)
} }
#endif /* WOLFSSL_ASYNC_CRYPT */ #endif /* WOLFSSL_ASYNC_CRYPT */
local = (byte*)md5->buffer; local = (byte*)md5->buffer; /* buffer allocated in word32 size */
/* ensure we have a valid buffer length; (-1 to append a byte to length) */
if (md5->buffLen > WC_MD5_BLOCK_SIZE - 1) {
return BUFFER_E;
}
local[md5->buffLen++] = 0x80; /* add 1 */ local[md5->buffLen++] = 0x80; /* add 1 */

3
wolfcrypt/src/random.c
View File

@ -36,6 +36,9 @@ This library contains implementation for the random number generator.
http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=KRNG11I http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=KRNG11I
*/ */
#if defined(ESP_IDF_VERSION_MAJOR) && ESP_IDF_VERSION_MAJOR >= 5
#include <esp_random.h>
#endif
#if defined(HAVE_FIPS) && \ #if defined(HAVE_FIPS) && \
defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2) defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)

6
wolfcrypt/src/ripemd.c
View File

@ -324,6 +324,12 @@ int wc_RipeMdFinal(RipeMd* ripemd, byte* hash)
AddLength(ripemd, ripemd->buffLen); /* before adding pads */ AddLength(ripemd, ripemd->buffLen); /* before adding pads */
/* ensure we have a valid buffer length; */
if (ripemd->buffLen > RIPEMD_BLOCK_SIZE) {
/* exit with error code if there's a bad buffer size in buffLen */
return BAD_STATE_E;
} /* buffLen check */
local[ripemd->buffLen++] = 0x80; /* add 1 */ local[ripemd->buffLen++] = 0x80; /* add 1 */
/* pad with zeros */ /* pad with zeros */