feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Fix the async tests for deterministic sign. The _ex versions cannot be called again. Fix possible leak with async and deterministic sign.

Browse Source
This commit is contained in:
David Garske
2024-07-01 10:13:28 -07:00
parent c07e7f1e58
commit ac7f44b0dc
2 changed files with 68 additions and 105 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
wolfcrypt/src/ecc.c
View File

@ -6837,11 +6837,16 @@ static int deterministic_sign_helper(const byte* in, word32 inlen, ecc_key* key)
if (key->sign_k == NULL) {
key->sign_k = (mp_int*)XMALLOC(sizeof(mp_int), key->heap,
DYNAMIC_TYPE_ECC);
if (key->sign_k != NULL) {
err = mp_init(key->sign_k);
if (err != MP_OKAY) {
XFREE(key->sign_k, key->heap, DYNAMIC_TYPE_ECC);
key->sign_k = NULL;
}
}
}
if (key->sign_k != NULL) {
if (mp_init(key->sign_k) != MP_OKAY ||
wc_ecc_gen_deterministic_k(in, inlen,
if (wc_ecc_gen_deterministic_k(in, inlen,
WC_HASH_TYPE_NONE, ecc_get_k(key), key->sign_k,
curve->order, key->heap) != 0) {
mp_free(key->sign_k);

162
wolfcrypt/test/test.c
View File

@ -29407,14 +29407,11 @@ static wc_test_ret_t ecc384_test_deterministic_k(WC_RNG* rng)
goto done;
}
do {
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key->asyncDev, WC_ASYNC_FLAG_CALL_AGAIN);
#endif
if (ret == 0)
ret = wc_ecc_sign_hash_ex(hash, wc_HashGetDigestSize(hashType),
rng, key, r, s);
} while (ret == WC_PENDING_E);
ret = wc_ecc_sign_hash_ex(hash, wc_HashGetDigestSize(hashType), rng, key,
r, s);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key->asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (ret != 0) {
goto done;
}
@ -29428,15 +29425,11 @@ static wc_test_ret_t ecc384_test_deterministic_k(WC_RNG* rng)
/* Verificiation */
verify = 0;
do {
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key->asyncDev, WC_ASYNC_FLAG_CALL_AGAIN);
#endif
if (ret == 0)
ret = wc_ecc_verify_hash_ex(r, s,
hash, wc_HashGetDigestSize(hashType),
&verify, key);
} while (ret == WC_PENDING_E);
ret = wc_ecc_verify_hash_ex(r, s, hash, wc_HashGetDigestSize(hashType),
&verify, key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key->asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (ret != 0) {
goto done;
}
@ -29454,14 +29447,11 @@ static wc_test_ret_t ecc384_test_deterministic_k(WC_RNG* rng)
goto done;
}
do {
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key->asyncDev, WC_ASYNC_FLAG_CALL_AGAIN);
#endif
if (ret == 0)
ret = wc_ecc_sign_hash_ex(hash, wc_HashGetDigestSize(hashType),
rng, key, r, s);
} while (ret == WC_PENDING_E);
ret = wc_ecc_sign_hash_ex(hash, wc_HashGetDigestSize(hashType), rng, key,
r, s);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key->asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (ret != 0) {
goto done;
}
@ -29475,15 +29465,11 @@ static wc_test_ret_t ecc384_test_deterministic_k(WC_RNG* rng)
/* Verificiation */
verify = 0;
do {
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key->asyncDev, WC_ASYNC_FLAG_CALL_AGAIN);
#endif
if (ret == 0)
ret = wc_ecc_verify_hash_ex(r, s,
hash, wc_HashGetDigestSize(hashType),
&verify, key);
} while (ret == WC_PENDING_E);
ret = wc_ecc_verify_hash_ex(r, s, hash, wc_HashGetDigestSize(hashType),
&verify, key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key->asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (ret != 0) {
goto done;
}
@ -29501,14 +29487,11 @@ static wc_test_ret_t ecc384_test_deterministic_k(WC_RNG* rng)
goto done;
}
do {
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key->asyncDev, WC_ASYNC_FLAG_CALL_AGAIN);
#endif
if (ret == 0)
ret = wc_ecc_sign_hash_ex(hash, wc_HashGetDigestSize(hashType),
rng, key, r, s);
} while (ret == WC_PENDING_E);
ret = wc_ecc_sign_hash_ex(hash, wc_HashGetDigestSize(hashType), rng, key,
r, s);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key->asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (ret != 0) {
goto done;
}
@ -29522,15 +29505,11 @@ static wc_test_ret_t ecc384_test_deterministic_k(WC_RNG* rng)
/* Verificiation */
verify = 0;
do {
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key->asyncDev, WC_ASYNC_FLAG_CALL_AGAIN);
#endif
if (ret == 0)
ret = wc_ecc_verify_hash_ex(r, s,
hash, wc_HashGetDigestSize(hashType),
&verify, key);
} while (ret == WC_PENDING_E);
ret = wc_ecc_verify_hash_ex(r, s,
hash, wc_HashGetDigestSize(hashType), &verify, key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key->asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (ret != 0) {
goto done;
}
@ -29667,14 +29646,11 @@ static wc_test_ret_t ecc521_test_deterministic_k(WC_RNG* rng)
goto done;
}
do {
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key->asyncDev, WC_ASYNC_FLAG_CALL_AGAIN);
#endif
if (ret == 0)
ret = wc_ecc_sign_hash_ex(hash, wc_HashGetDigestSize(hashType),
rng, key, r, s);
} while (ret == WC_PENDING_E);
ret = wc_ecc_sign_hash_ex(hash, wc_HashGetDigestSize(hashType), rng, key,
r, s);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key->asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (ret != 0) {
goto done;
}
@ -29688,15 +29664,11 @@ static wc_test_ret_t ecc521_test_deterministic_k(WC_RNG* rng)
/* Verification */
verify = 0;
do {
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key->asyncDev, WC_ASYNC_FLAG_CALL_AGAIN);
#endif
if (ret == 0)
ret = wc_ecc_verify_hash_ex(r, s,
hash, wc_HashGetDigestSize(hashType),
&verify, key);
} while (ret == WC_PENDING_E);
ret = wc_ecc_verify_hash_ex(r, s, hash, wc_HashGetDigestSize(hashType),
&verify, key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key->asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (ret != 0) {
goto done;
}
@ -29714,14 +29686,11 @@ static wc_test_ret_t ecc521_test_deterministic_k(WC_RNG* rng)
goto done;
}
do {
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key->asyncDev, WC_ASYNC_FLAG_CALL_AGAIN);
#endif
if (ret == 0)
ret = wc_ecc_sign_hash_ex(hash, wc_HashGetDigestSize(hashType),
rng, key, r, s);
} while (ret == WC_PENDING_E);
ret = wc_ecc_sign_hash_ex(hash, wc_HashGetDigestSize(hashType), rng, key,
r, s);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key->asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (ret != 0) {
goto done;
}
@ -29735,15 +29704,11 @@ static wc_test_ret_t ecc521_test_deterministic_k(WC_RNG* rng)
/* Verification */
verify = 0;
do {
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key->asyncDev, WC_ASYNC_FLAG_CALL_AGAIN);
#endif
if (ret == 0)
ret = wc_ecc_verify_hash_ex(r, s,
hash, wc_HashGetDigestSize(hashType),
&verify, key);
} while (ret == WC_PENDING_E);
ret = wc_ecc_verify_hash_ex(r, s, hash, wc_HashGetDigestSize(hashType),
&verify, key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key->asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (ret != 0) {
goto done;
}
@ -29761,14 +29726,11 @@ static wc_test_ret_t ecc521_test_deterministic_k(WC_RNG* rng)
goto done;
}
do {
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key->asyncDev, WC_ASYNC_FLAG_CALL_AGAIN);
#endif
if (ret == 0)
ret = wc_ecc_sign_hash_ex(hash, wc_HashGetDigestSize(hashType),
rng, key, r, s);
} while (ret == WC_PENDING_E);
ret = wc_ecc_sign_hash_ex(hash, wc_HashGetDigestSize(hashType),
rng, key, r, s);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key->asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (ret != 0) {
goto done;
}
@ -29782,15 +29744,11 @@ static wc_test_ret_t ecc521_test_deterministic_k(WC_RNG* rng)
/* Verification */
verify = 0;
do {
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key->asyncDev, WC_ASYNC_FLAG_CALL_AGAIN);
#endif
if (ret == 0)
ret = wc_ecc_verify_hash_ex(r, s,
hash, wc_HashGetDigestSize(hashType),
&verify, key);
} while (ret == WC_PENDING_E);
ret = wc_ecc_verify_hash_ex(r, s, hash, wc_HashGetDigestSize(hashType),
&verify, key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key->asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (ret != 0) {
goto done;
}