feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

* Fixes for async with TLS where keys are being free'd too soon.

Browse Source 
* Fix for possible NULL RNG case in mp_rand.
* Fix for memory macros to handle expression for `HEAP`.
* Fix for possible unknown uint32_t type with mem track.
* Fix for double Alloc/Free print when using track and debug memory at same time.
* Fix for building with `./configure CFLAGS="-DECC_USER_CURVES -DNO_ECC256 -DHAVE_ECC160"`
* Performance improvements for cases with `WC_ASYNC_NO_HASH` and `WC_ASYNC_ENABLE_SHA256`.
This commit is contained in:
David Garske
2018-09-21 09:33:40 -07:00
parent 427c62e04a
commit a643aeac41
8 changed files with 89 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

65
src/internal.c
View File

@@ -5322,12 +5322,12 @@ void FreeHandshakeResources(WOLFSSL* ssl)
#endif #endif
#if defined(WOLFSSL_TLS13) #if defined(WOLFSSL_TLS13)
#if !defined(WOLFSSL_POST_HANDSHAKE_AUTH) #if !defined(WOLFSSL_POST_HANDSHAKE_AUTH)
|| ssl->options.tls1_3 || ssl->options.tls1_3
#elif !defined(HAVE_SESSION_TICKET) #elif !defined(HAVE_SESSION_TICKET)
|| (ssl->options.tls1_3 && ssl->options.side == WOLFSSL_SERVER_END) || (ssl->options.tls1_3 && ssl->options.side == WOLFSSL_SERVER_END)
#endif #endif
#endif #endif
) { ) {
if (ssl->options.weOwnRng) { if (ssl->options.weOwnRng) {
wc_FreeRng(ssl->rng); wc_FreeRng(ssl->rng);
XFREE(ssl->rng, ssl->heap, DYNAMIC_TYPE_RNG); XFREE(ssl->rng, ssl->heap, DYNAMIC_TYPE_RNG);
@@ -10704,10 +10704,17 @@ static int DoHandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
!defined(NO_ED25519_CLIENT_AUTH) !defined(NO_ED25519_CLIENT_AUTH)
if (ssl->options.resuming || !IsAtLeastTLSv1_2(ssl) || if (ssl->options.resuming || !IsAtLeastTLSv1_2(ssl) ||
IsAtLeastTLSv1_3(ssl->version)) { IsAtLeastTLSv1_3(ssl->version)) {
ssl->options.cacheMessages = 0;
if (ssl->hsHashes->messages != NULL) { #if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLFSSL_NONBLOCK_OCSP)
XFREE(ssl->hsHashes->messages, ssl->heap, DYNAMIC_TYPE_HASHES); if (ret != WC_PENDING_E && ret != OCSP_WANT_READ)
ssl->hsHashes->messages = NULL; #endif
{
ssl->options.cacheMessages = 0;
if (ssl->hsHashes->messages != NULL) {
XFREE(ssl->hsHashes->messages, ssl->heap,
DYNAMIC_TYPE_HASHES);
ssl->hsHashes->messages = NULL;
}
} }
} }
#endif #endif
@@ -10776,10 +10783,15 @@ static int DoHandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
!defined(NO_ED25519_CLIENT_AUTH) !defined(NO_ED25519_CLIENT_AUTH)
if (ssl->options.resuming || !ssl->options.verifyPeer || \ if (ssl->options.resuming || !ssl->options.verifyPeer || \
!IsAtLeastTLSv1_2(ssl) || IsAtLeastTLSv1_3(ssl->version)) { !IsAtLeastTLSv1_2(ssl) || IsAtLeastTLSv1_3(ssl->version)) {
ssl->options.cacheMessages = 0; #if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLFSSL_NONBLOCK_OCSP)
if (ssl->hsHashes->messages != NULL) { if (ret != WC_PENDING_E && ret != OCSP_WANT_READ)
XFREE(ssl->hsHashes->messages, ssl->heap, DYNAMIC_TYPE_HASHES); #endif
ssl->hsHashes->messages = NULL; {
ssl->options.cacheMessages = 0;
if (ssl->hsHashes->messages != NULL) {
XFREE(ssl->hsHashes->messages, ssl->heap, DYNAMIC_TYPE_HASHES);
ssl->hsHashes->messages = NULL;
}
} }
} }
#endif #endif
@@ -18075,7 +18087,7 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
} }
ssl->buffers.serverDH_P.buffer = (byte*)XMALLOC(length, ssl->buffers.serverDH_P.buffer = (byte*)XMALLOC(length,
ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY); ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY);
if (ssl->buffers.serverDH_P.buffer) { if (ssl->buffers.serverDH_P.buffer) {
ssl->buffers.serverDH_P.length = length; ssl->buffers.serverDH_P.length = length;
} }
@@ -18102,7 +18114,7 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
} }
ssl->buffers.serverDH_G.buffer = (byte*)XMALLOC(length, ssl->buffers.serverDH_G.buffer = (byte*)XMALLOC(length,
ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY); ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY);
if (ssl->buffers.serverDH_G.buffer) { if (ssl->buffers.serverDH_G.buffer) {
ssl->buffers.serverDH_G.length = length; ssl->buffers.serverDH_G.length = length;
} }
@@ -18129,7 +18141,7 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
} }
ssl->buffers.serverDH_Pub.buffer = (byte*)XMALLOC(length, ssl->buffers.serverDH_Pub.buffer = (byte*)XMALLOC(length,
ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY); ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY);
if (ssl->buffers.serverDH_Pub.buffer) { if (ssl->buffers.serverDH_Pub.buffer) {
ssl->buffers.serverDH_Pub.length = length; ssl->buffers.serverDH_Pub.length = length;
} }
@@ -18480,11 +18492,12 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
args->sigSz = (word16)ret; args->sigSz = (word16)ret;
ret = 0; ret = 0;
} }
if (ret == 0) {
/* peerRsaKey */ /* peerRsaKey */
FreeKey(ssl, DYNAMIC_TYPE_RSA, FreeKey(ssl, DYNAMIC_TYPE_RSA,
(void**)&ssl->peerRsaKey); (void**)&ssl->peerRsaKey);
ssl->peerRsaKeyPresent = 0; ssl->peerRsaKeyPresent = 0;
}
break; break;
} }
#endif /* !NO_RSA */ #endif /* !NO_RSA */
@@ -18503,10 +18516,12 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
#endif #endif
); );
/* peerEccDsaKey */ if (ret == 0) {
FreeKey(ssl, DYNAMIC_TYPE_ECC, /* peerEccDsaKey */
FreeKey(ssl, DYNAMIC_TYPE_ECC,
(void**)&ssl->peerEccDsaKey); (void**)&ssl->peerEccDsaKey);
ssl->peerEccDsaKeyPresent = 0; ssl->peerEccDsaKeyPresent = 0;
}
break; break;
} }
#endif /* HAVE_ECC */ #endif /* HAVE_ECC */
@@ -18525,10 +18540,12 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
#endif #endif
); );
/* peerEccDsaKey */ if (ret == 0) {
FreeKey(ssl, DYNAMIC_TYPE_ED25519, /* peerEccDsaKey */
FreeKey(ssl, DYNAMIC_TYPE_ED25519,
(void**)&ssl->peerEd25519Key); (void**)&ssl->peerEd25519Key);
ssl->peerEd25519KeyPresent = 0; ssl->peerEd25519KeyPresent = 0;
}
break; break;
} }
#endif /* HAVE_ED25519 */ #endif /* HAVE_ED25519 */

12
src/tls.c
View File

@@ -339,7 +339,11 @@ static int PRF(byte* digest, word32 digLen, const byte* secret, word32 secLen,
int ret = 0; int ret = 0;
if (useAtLeastSha256) { if (useAtLeastSha256) {
#ifndef WC_ASYNC_NO_HASH
DECLARE_VAR(labelSeed, byte, MAX_PRF_LABSEED, heap); DECLARE_VAR(labelSeed, byte, MAX_PRF_LABSEED, heap);
#else
byte labelSeed[MAX_PRF_LABSEED];
#endif
if (labLen + seedLen > MAX_PRF_LABSEED) if (labLen + seedLen > MAX_PRF_LABSEED)
return BUFFER_E; return BUFFER_E;
@@ -354,7 +358,9 @@ static int PRF(byte* digest, word32 digLen, const byte* secret, word32 secLen,
ret = p_hash(digest, digLen, secret, secLen, labelSeed, ret = p_hash(digest, digLen, secret, secLen, labelSeed,
labLen + seedLen, hash_type, heap, devId); labLen + seedLen, hash_type, heap, devId);
#ifndef WC_ASYNC_NO_HASH
FREE_VAR(labelSeed, heap); FREE_VAR(labelSeed, heap);
#endif
} }
#ifndef NO_OLD_TLS #ifndef NO_OLD_TLS
else { else {
@@ -517,7 +523,11 @@ static int _DeriveTlsKeys(byte* key_dig, word32 key_dig_len,
void* heap, int devId) void* heap, int devId)
{ {
int ret; int ret;
#ifndef WC_ASYNC_NO_HASH
DECLARE_VAR(seed, byte, SEED_LEN, heap); DECLARE_VAR(seed, byte, SEED_LEN, heap);
#else
byte seed[SEED_LEN];
#endif
XMEMCPY(seed, sr, RAN_LEN); XMEMCPY(seed, sr, RAN_LEN);
XMEMCPY(seed + RAN_LEN, cr, RAN_LEN); XMEMCPY(seed + RAN_LEN, cr, RAN_LEN);
@@ -525,7 +535,9 @@ static int _DeriveTlsKeys(byte* key_dig, word32 key_dig_len,
ret = PRF(key_dig, key_dig_len, ms, msLen, key_label, KEY_LABEL_SZ, ret = PRF(key_dig, key_dig_len, ms, msLen, key_label, KEY_LABEL_SZ,
seed, SEED_LEN, tls1_2, hash_type, heap, devId); seed, SEED_LEN, tls1_2, hash_type, heap, devId);
#ifndef WC_ASYNC_NO_HASH
FREE_VAR(seed, heap); FREE_VAR(seed, heap);
#endif
return ret; return ret;
} }

4
wolfcrypt/src/memory.c
View File

@@ -131,7 +131,7 @@ void* wolfSSL_Malloc(size_t size)
} }
#ifdef WOLFSSL_DEBUG_MEMORY #ifdef WOLFSSL_DEBUG_MEMORY
#ifdef WOLFSSL_DEBUG_MEMORY_PRINT #if defined(WOLFSSL_DEBUG_MEMORY_PRINT) && !defined(WOLFSSL_TRACK_MEMORY)
printf("Alloc: %p -> %u at %s:%d\n", res, (word32)size, func, line); printf("Alloc: %p -> %u at %s:%d\n", res, (word32)size, func, line);
#else #else
(void)func; (void)func;
@@ -172,7 +172,7 @@ void wolfSSL_Free(void *ptr)
#endif #endif
{ {
#ifdef WOLFSSL_DEBUG_MEMORY #ifdef WOLFSSL_DEBUG_MEMORY
#ifdef WOLFSSL_DEBUG_MEMORY_PRINT #if defined(WOLFSSL_DEBUG_MEMORY_PRINT) && !defined(WOLFSSL_TRACK_MEMORY)
printf("Free: %p at %s:%d\n", ptr, func, line); printf("Free: %p at %s:%d\n", ptr, func, line);
#else #else
(void)func; (void)func;

24
wolfcrypt/src/random.c
View File

@@ -301,7 +301,11 @@ static int Hash_df(DRBG* drbg, byte* out, word32 outSz, byte type,
#else #else
wc_Sha256 sha[1]; wc_Sha256 sha[1];
#endif #endif
#ifdef WC_ASYNC_ENABLE_SHA256
DECLARE_VAR(digest, byte, WC_SHA256_DIGEST_SIZE, drbg->heap); DECLARE_VAR(digest, byte, WC_SHA256_DIGEST_SIZE, drbg->heap);
#else
byte digest[WC_SHA256_DIGEST_SIZE];
#endif
(void)drbg; (void)drbg;
#ifdef WOLFSSL_ASYNC_CRYPT #ifdef WOLFSSL_ASYNC_CRYPT
@@ -362,7 +366,9 @@ static int Hash_df(DRBG* drbg, byte* out, word32 outSz, byte type,
ForceZero(digest, WC_SHA256_DIGEST_SIZE); ForceZero(digest, WC_SHA256_DIGEST_SIZE);
#ifdef WC_ASYNC_ENABLE_SHA256
FREE_VAR(digest, drbg->heap); FREE_VAR(digest, drbg->heap);
#endif
return (ret == 0) ? DRBG_SUCCESS : DRBG_FAILURE; return (ret == 0) ? DRBG_SUCCESS : DRBG_FAILURE;
} }
@@ -427,7 +433,11 @@ static int Hash_gen(DRBG* drbg, byte* out, word32 outSz, const byte* V)
#else #else
wc_Sha256 sha[1]; wc_Sha256 sha[1];
#endif #endif
#ifdef WC_ASYNC_ENABLE_SHA256
DECLARE_VAR(digest, byte, WC_SHA256_DIGEST_SIZE, drbg->heap); DECLARE_VAR(digest, byte, WC_SHA256_DIGEST_SIZE, drbg->heap);
#else
byte digest[WC_SHA256_DIGEST_SIZE];
#endif
/* Special case: outSz is 0 and out is NULL. wc_Generate a block to save for /* Special case: outSz is 0 and out is NULL. wc_Generate a block to save for
* the continuous test. */ * the continuous test. */
@@ -487,7 +497,9 @@ static int Hash_gen(DRBG* drbg, byte* out, word32 outSz, const byte* V)
} }
ForceZero(data, sizeof(data)); ForceZero(data, sizeof(data));
#ifdef WC_ASYNC_ENABLE_SHA256
FREE_VAR(digest, drbg->heap); FREE_VAR(digest, drbg->heap);
#endif
return (ret == 0) ? DRBG_SUCCESS : DRBG_FAILURE; return (ret == 0) ? DRBG_SUCCESS : DRBG_FAILURE;
} }
@@ -529,7 +541,11 @@ static int Hash_DRBG_Generate(DRBG* drbg, byte* out, word32 outSz)
if (drbg->reseedCtr == RESEED_INTERVAL) { if (drbg->reseedCtr == RESEED_INTERVAL) {
return DRBG_NEED_RESEED; return DRBG_NEED_RESEED;
} else { } else {
#ifdef WC_ASYNC_ENABLE_SHA256
DECLARE_VAR(digest, byte, WC_SHA256_DIGEST_SIZE, drbg->heap); DECLARE_VAR(digest, byte, WC_SHA256_DIGEST_SIZE, drbg->heap);
#else
byte digest[WC_SHA256_DIGEST_SIZE];
#endif
type = drbgGenerateH; type = drbgGenerateH;
reseedCtr = drbg->reseedCtr; reseedCtr = drbg->reseedCtr;
@@ -566,7 +582,9 @@ static int Hash_DRBG_Generate(DRBG* drbg, byte* out, word32 outSz)
drbg->reseedCtr++; drbg->reseedCtr++;
} }
ForceZero(digest, WC_SHA256_DIGEST_SIZE); ForceZero(digest, WC_SHA256_DIGEST_SIZE);
#ifdef WC_ASYNC_ENABLE_SHA256
FREE_VAR(digest, drbg->heap); FREE_VAR(digest, drbg->heap);
#endif
} }
return (ret == 0) ? DRBG_SUCCESS : DRBG_FAILURE; return (ret == 0) ? DRBG_SUCCESS : DRBG_FAILURE;
@@ -718,7 +736,11 @@ static int _InitRng(WC_RNG* rng, byte* nonce, word32 nonceSz,
seedSz = MAX_SEED_SZ; seedSz = MAX_SEED_SZ;
if (wc_RNG_HealthTestLocal(0) == 0) { if (wc_RNG_HealthTestLocal(0) == 0) {
#ifdef WC_ASYNC_ENABLE_SHA256
DECLARE_VAR(seed, byte, MAX_SEED_SZ, rng->heap); DECLARE_VAR(seed, byte, MAX_SEED_SZ, rng->heap);
#else
byte seed[MAX_SEED_SZ];
#endif
rng->drbg = rng->drbg =
(struct DRBG*)XMALLOC(sizeof(DRBG), rng->heap, (struct DRBG*)XMALLOC(sizeof(DRBG), rng->heap,
@@ -743,7 +765,9 @@ static int _InitRng(WC_RNG* rng, byte* nonce, word32 nonceSz,
} }
ForceZero(seed, seedSz); ForceZero(seed, seedSz);
#ifdef WC_ASYNC_ENABLE_SHA256
FREE_VAR(seed, rng->heap); FREE_VAR(seed, rng->heap);
#endif
} }
else else
ret = DRBG_CONT_FAILURE; ret = DRBG_CONT_FAILURE;

4
wolfcrypt/src/wolfmath.c
View File

@@ -97,7 +97,7 @@ int get_rand_digit(WC_RNG* rng, mp_digit* d)
int mp_rand(mp_int* a, int digits, WC_RNG* rng) int mp_rand(mp_int* a, int digits, WC_RNG* rng)
{ {
int ret = 0; int ret = 0;
DECLARE_VAR(d, mp_digit, 1, rng->heap); DECLARE_VAR(d, mp_digit, 1, rng ? rng->heap : NULL);
if (rng == NULL) { if (rng == NULL) {
ret = MISSING_RNG_E; goto exit; ret = MISSING_RNG_E; goto exit;
@@ -141,7 +141,7 @@ int mp_rand(mp_int* a, int digits, WC_RNG* rng)
} }
exit: exit:
FREE_VAR(d, rng->heap); FREE_VAR(d, rng ? rng->heap : NULL);
return ret; return ret;
} }

2
wolfcrypt/test/test.c
View File

@@ -15607,6 +15607,7 @@ static int ecc_test_curve(WC_RNG* rng, int keySize)
return 0; return 0;
} }
#if !defined(NO_ECC256) || defined(HAVE_ALL_CURVES)
#if !defined(WOLFSSL_ATECC508A) && defined(HAVE_ECC_KEY_IMPORT) && \ #if !defined(WOLFSSL_ATECC508A) && defined(HAVE_ECC_KEY_IMPORT) && \
defined(HAVE_ECC_KEY_EXPORT) defined(HAVE_ECC_KEY_EXPORT)
static int ecc_point_test(void) static int ecc_point_test(void)
@@ -16106,6 +16107,7 @@ done:
wc_ecc_free(&key); wc_ecc_free(&key);
return ret; return ret;
} }
#endif /* !NO_ECC256 || HAVE_ALL_CURVES */
#ifdef WOLFSSL_CERT_EXT #ifdef WOLFSSL_CERT_EXT
static int ecc_decode_test(void) static int ecc_decode_test(void)

2
wolfssl/wolfcrypt/mem_track.h
View File

@@ -104,7 +104,7 @@
typedef struct memoryList { typedef struct memoryList {
memHint* head; memHint* head;
memHint* tail; memHint* tail;
uint32_t count; word32 count;
} memoryList; } memoryList;
#endif #endif

10
wolfssl/wolfcrypt/types.h
View File

@@ -282,10 +282,10 @@
/* declare/free variable handling for async */ /* declare/free variable handling for async */
#ifdef WOLFSSL_ASYNC_CRYPT #ifdef WOLFSSL_ASYNC_CRYPT
#define DECLARE_VAR(VAR_NAME, VAR_TYPE, VAR_SIZE, HEAP) \ #define DECLARE_VAR(VAR_NAME, VAR_TYPE, VAR_SIZE, HEAP) \
VAR_TYPE* VAR_NAME = (VAR_TYPE*)XMALLOC(sizeof(VAR_TYPE) * VAR_SIZE, HEAP, DYNAMIC_TYPE_WOLF_BIGINT); VAR_TYPE* VAR_NAME = (VAR_TYPE*)XMALLOC(sizeof(VAR_TYPE) * VAR_SIZE, (HEAP), DYNAMIC_TYPE_WOLF_BIGINT);
#define DECLARE_VAR_INIT(VAR_NAME, VAR_TYPE, VAR_SIZE, INIT_VALUE, HEAP) \ #define DECLARE_VAR_INIT(VAR_NAME, VAR_TYPE, VAR_SIZE, INIT_VALUE, HEAP) \
VAR_TYPE* VAR_NAME = ({ \ VAR_TYPE* VAR_NAME = ({ \
VAR_TYPE* ptr = (VAR_TYPE*)XMALLOC(sizeof(VAR_TYPE) * VAR_SIZE, HEAP, DYNAMIC_TYPE_WOLF_BIGINT); \ VAR_TYPE* ptr = (VAR_TYPE*)XMALLOC(sizeof(VAR_TYPE) * VAR_SIZE, (HEAP), DYNAMIC_TYPE_WOLF_BIGINT); \
if (ptr && INIT_VALUE) { \ if (ptr && INIT_VALUE) { \
XMEMCPY(ptr, INIT_VALUE, sizeof(VAR_TYPE) * VAR_SIZE); \ XMEMCPY(ptr, INIT_VALUE, sizeof(VAR_TYPE) * VAR_SIZE); \
} \ } \
@@ -295,13 +295,13 @@
VAR_TYPE* VAR_NAME[VAR_ITEMS]; \ VAR_TYPE* VAR_NAME[VAR_ITEMS]; \
int idx##VAR_NAME; \ int idx##VAR_NAME; \
for (idx##VAR_NAME=0; idx##VAR_NAME<VAR_ITEMS; idx##VAR_NAME++) { \ for (idx##VAR_NAME=0; idx##VAR_NAME<VAR_ITEMS; idx##VAR_NAME++) { \
VAR_NAME[idx##VAR_NAME] = (VAR_TYPE*)XMALLOC(VAR_SIZE, HEAP, DYNAMIC_TYPE_WOLF_BIGINT); \ VAR_NAME[idx##VAR_NAME] = (VAR_TYPE*)XMALLOC(VAR_SIZE, (HEAP), DYNAMIC_TYPE_WOLF_BIGINT); \
} }
#define FREE_VAR(VAR_NAME, HEAP) \ #define FREE_VAR(VAR_NAME, HEAP) \
XFREE(VAR_NAME, HEAP, DYNAMIC_TYPE_WOLF_BIGINT); XFREE(VAR_NAME, (HEAP), DYNAMIC_TYPE_WOLF_BIGINT);
#define FREE_ARRAY(VAR_NAME, VAR_ITEMS, HEAP) \ #define FREE_ARRAY(VAR_NAME, VAR_ITEMS, HEAP) \
for (idx##VAR_NAME=0; idx##VAR_NAME<VAR_ITEMS; idx##VAR_NAME++) { \ for (idx##VAR_NAME=0; idx##VAR_NAME<VAR_ITEMS; idx##VAR_NAME++) { \
XFREE(VAR_NAME[idx##VAR_NAME], HEAP, DYNAMIC_TYPE_WOLF_BIGINT); \ XFREE(VAR_NAME[idx##VAR_NAME], (HEAP), DYNAMIC_TYPE_WOLF_BIGINT); \
} }
#else #else
#define DECLARE_VAR(VAR_NAME, VAR_TYPE, VAR_SIZE, HEAP) \ #define DECLARE_VAR(VAR_NAME, VAR_TYPE, VAR_SIZE, HEAP) \