feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Add NO_MALLOC support for wc_CheckCertSigPugKey

Browse Source
This commit is contained in:
Alex Lanzano
2025-05-01 09:03:49 -04:00
committed by David Garske
parent 1e3718ea7b
commit bc6b5598c5
3 changed files with 136 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

145
wolfcrypt/src/asn.c
View File

@ -17796,6 +17796,46 @@ int ConfirmSignature(SignatureCtx* sigCtx,
byte* rsaKeyIdx) byte* rsaKeyIdx)
{ {
int ret = WC_NO_ERR_TRACE(ASN_SIG_CONFIRM_E); /* default to failure */ int ret = WC_NO_ERR_TRACE(ASN_SIG_CONFIRM_E); /* default to failure */
#ifdef WOLFSSL_NO_MALLOC
byte sigCtxDigest[WC_MAX_DIGEST_SIZE];
byte sigCpy[sigSz];
#ifndef NO_RSA
struct RsaKey rsaKey[1];
#endif
#if !defined(NO_DSA) && !defined(HAVE_SELFTEST)
struct DsaKey dsaKey[1];
#endif
#ifdef HAVE_ECC
ecc_key eccKey[1];
#endif
#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_IMPORT)
ed25519_key ed25519Key[1];
#endif
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_IMPORT)
ed448_key ed448Key[1];
#endif
#if defined(HAVE_FALCON)
falcon_key falconKey[1];
#endif
#if defined(HAVE_DILITHIUM) && \
!defined(WOLFSSL_DILITHIUM_NO_VERIFY) && \
!defined(WOLFSSL_DILITHIUM_NO_ASN1)
dilithium_key dilithiumKey[1];
#endif
#if defined(HAVE_SPHINCS)
spincs_key spincsKey[1];
#endif
#endif /* WOLFSSL_NO_MALLOC */
#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS) #if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS)
CertAttribute* certatt = NULL; CertAttribute* certatt = NULL;
#endif #endif
@ -17833,11 +17873,15 @@ int ConfirmSignature(SignatureCtx* sigCtx,
{ {
sigCtx->keyOID = keyOID; /* must set early for cleanup */ sigCtx->keyOID = keyOID; /* must set early for cleanup */
#ifndef WOLFSSL_NO_MALLOC
sigCtx->digest = (byte*)XMALLOC(WC_MAX_DIGEST_SIZE, sigCtx->heap, sigCtx->digest = (byte*)XMALLOC(WC_MAX_DIGEST_SIZE, sigCtx->heap,
DYNAMIC_TYPE_DIGEST); DYNAMIC_TYPE_DIGEST);
if (sigCtx->digest == NULL) { if (sigCtx->digest == NULL) {
ERROR_OUT(MEMORY_E, exit_cs); ERROR_OUT(MEMORY_E, exit_cs);
} }
#else
sigCtx->digest = sigCtxDigest;
#endif
#if !defined(NO_RSA) && defined(WC_RSA_PSS) #if !defined(NO_RSA) && defined(WC_RSA_PSS)
/* RSA PSS Defaults */ /* RSA PSS Defaults */
@ -17902,20 +17946,28 @@ int ConfirmSignature(SignatureCtx* sigCtx,
{ {
word32 idx = 0; word32 idx = 0;
#ifndef WOLFSSL_NO_MALLOC
sigCtx->key.rsa = (RsaKey*)XMALLOC(sizeof(RsaKey), sigCtx->key.rsa = (RsaKey*)XMALLOC(sizeof(RsaKey),
sigCtx->heap, DYNAMIC_TYPE_RSA); sigCtx->heap, DYNAMIC_TYPE_RSA);
if (sigCtx->key.rsa == NULL) { if (sigCtx->key.rsa == NULL) {
ERROR_OUT(MEMORY_E, exit_cs); ERROR_OUT(MEMORY_E, exit_cs);
} }
#else
sigCtx->key.rsa = rsaKey;
#endif
if ((ret = wc_InitRsaKey_ex(sigCtx->key.rsa, sigCtx->heap, if ((ret = wc_InitRsaKey_ex(sigCtx->key.rsa, sigCtx->heap,
sigCtx->devId)) != 0) { sigCtx->devId)) != 0) {
goto exit_cs; goto exit_cs;
} }
#ifndef WOLFSSL_NO_MALLOC
sigCtx->sigCpy = (byte*)XMALLOC(sigSz, sigCtx->heap, sigCtx->sigCpy = (byte*)XMALLOC(sigSz, sigCtx->heap,
DYNAMIC_TYPE_SIGNATURE); DYNAMIC_TYPE_SIGNATURE);
if (sigCtx->sigCpy == NULL) { if (sigCtx->sigCpy == NULL) {
ERROR_OUT(MEMORY_E, exit_cs); ERROR_OUT(MEMORY_E, exit_cs);
} }
#else
sigCtx->sigCpy = sigCpy;
#endif
if (sigSz > MAX_ENCODED_SIG_SZ) { if (sigSz > MAX_ENCODED_SIG_SZ) {
WOLFSSL_MSG("Verify Signature is too big"); WOLFSSL_MSG("Verify Signature is too big");
ERROR_OUT(BUFFER_E, exit_cs); ERROR_OUT(BUFFER_E, exit_cs);
@ -17944,20 +17996,28 @@ int ConfirmSignature(SignatureCtx* sigCtx,
WOLFSSL_MSG("Verify Signature is too small"); WOLFSSL_MSG("Verify Signature is too small");
ERROR_OUT(BUFFER_E, exit_cs); ERROR_OUT(BUFFER_E, exit_cs);
} }
#ifndef WOLFSSL_NO_MALLOC
sigCtx->key.dsa = (DsaKey*)XMALLOC(sizeof(DsaKey), sigCtx->key.dsa = (DsaKey*)XMALLOC(sizeof(DsaKey),
sigCtx->heap, DYNAMIC_TYPE_DSA); sigCtx->heap, DYNAMIC_TYPE_DSA);
if (sigCtx->key.dsa == NULL) { if (sigCtx->key.dsa == NULL) {
ERROR_OUT(MEMORY_E, exit_cs); ERROR_OUT(MEMORY_E, exit_cs);
} }
#else
sigCtx->key.dsa = dsaKey;
#endif
if ((ret = wc_InitDsaKey_h(sigCtx->key.dsa, sigCtx->heap)) != 0) { if ((ret = wc_InitDsaKey_h(sigCtx->key.dsa, sigCtx->heap)) != 0) {
WOLFSSL_MSG("wc_InitDsaKey_h error"); WOLFSSL_MSG("wc_InitDsaKey_h error");
goto exit_cs; goto exit_cs;
} }
#ifndef WOLFSSL_NO_MALLOC
sigCtx->sigCpy = (byte*)XMALLOC(sigSz, sigCtx->sigCpy = (byte*)XMALLOC(sigSz,
sigCtx->heap, DYNAMIC_TYPE_SIGNATURE); sigCtx->heap, DYNAMIC_TYPE_SIGNATURE);
if (sigCtx->sigCpy == NULL) { if (sigCtx->sigCpy == NULL) {
ERROR_OUT(MEMORY_E, exit_cs); ERROR_OUT(MEMORY_E, exit_cs);
} }
#else
sigCtx->sigCpy = sigCpy;
#endif
if ((ret = wc_DsaPublicKeyDecode(key, &idx, sigCtx->key.dsa, if ((ret = wc_DsaPublicKeyDecode(key, &idx, sigCtx->key.dsa,
keySz)) != 0) { keySz)) != 0) {
WOLFSSL_MSG("ASN Key decode error DSA"); WOLFSSL_MSG("ASN Key decode error DSA");
@ -17967,7 +18027,7 @@ int ConfirmSignature(SignatureCtx* sigCtx,
if (sigSz != DSA_160_SIG_SIZE && if (sigSz != DSA_160_SIG_SIZE &&
sigSz != DSA_256_SIG_SIZE) { sigSz != DSA_256_SIG_SIZE) {
/* Try to parse it as the contents of a bitstring */ /* Try to parse it as the contents of a bitstring */
#ifdef WOLFSSL_SMALL_STACK #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
mp_int* r; mp_int* r;
mp_int* s; mp_int* s;
#else #else
@ -17977,7 +18037,7 @@ int ConfirmSignature(SignatureCtx* sigCtx,
int rSz; int rSz;
int sSz; int sSz;
#ifdef WOLFSSL_SMALL_STACK #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
r = (mp_int*)XMALLOC(sizeof(*r), sigCtx->heap, r = (mp_int*)XMALLOC(sizeof(*r), sigCtx->heap,
DYNAMIC_TYPE_TMP_BUFFER); DYNAMIC_TYPE_TMP_BUFFER);
if (r == NULL) { if (r == NULL) {
@ -18001,7 +18061,7 @@ int ConfirmSignature(SignatureCtx* sigCtx,
"incorrect format"); "incorrect format");
mp_free(r); mp_free(r);
mp_free(s); mp_free(s);
#ifdef WOLFSSL_SMALL_STACK #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
XFREE(r, sigCtx->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(r, sigCtx->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(s, sigCtx->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(s, sigCtx->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif #endif
@ -18014,7 +18074,7 @@ int ConfirmSignature(SignatureCtx* sigCtx,
"incorrect format"); "incorrect format");
mp_free(r); mp_free(r);
mp_free(s); mp_free(s);
#ifdef WOLFSSL_SMALL_STACK #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
XFREE(r, sigCtx->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(r, sigCtx->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(s, sigCtx->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(s, sigCtx->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif #endif
@ -18027,7 +18087,7 @@ int ConfirmSignature(SignatureCtx* sigCtx,
"incorrect format"); "incorrect format");
mp_free(r); mp_free(r);
mp_free(s); mp_free(s);
#ifdef WOLFSSL_SMALL_STACK #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
XFREE(r, sigCtx->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(r, sigCtx->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(s, sigCtx->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(s, sigCtx->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif #endif
@ -18035,7 +18095,7 @@ int ConfirmSignature(SignatureCtx* sigCtx,
} }
mp_free(r); mp_free(r);
mp_free(s); mp_free(s);
#ifdef WOLFSSL_SMALL_STACK #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
XFREE(r, sigCtx->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(r, sigCtx->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(s, sigCtx->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(s, sigCtx->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif #endif
@ -18055,33 +18115,42 @@ int ConfirmSignature(SignatureCtx* sigCtx,
word32 idx = 0; word32 idx = 0;
#if defined(WC_ECC_NONBLOCK) && defined(WOLFSSL_ASYNC_CRYPT_SW) && \ #if defined(WC_ECC_NONBLOCK) && defined(WOLFSSL_ASYNC_CRYPT_SW) && \
defined(WC_ASYNC_ENABLE_ECC) defined(WC_ASYNC_ENABLE_ECC)
#ifndef WOLFSSL_NO_MALLOC
ecc_nb_ctx_t* nbCtx; ecc_nb_ctx_t* nbCtx;
#else
ecc_nb_ctx_t nbCtx[1];
#endif
#endif /* WC_ECC_NONBLOCK && WOLFSSL_ASYNC_CRYPT_SW && #endif /* WC_ECC_NONBLOCK && WOLFSSL_ASYNC_CRYPT_SW &&
WC_ASYNC_ENABLE_ECC */ WC_ASYNC_ENABLE_ECC */
sigCtx->verify = 0; sigCtx->verify = 0;
#ifndef WOLFSSL_NO_MALLOC
sigCtx->key.ecc = (ecc_key*)XMALLOC(sizeof(ecc_key), sigCtx->key.ecc = (ecc_key*)XMALLOC(sizeof(ecc_key),
sigCtx->heap, DYNAMIC_TYPE_ECC); sigCtx->heap, DYNAMIC_TYPE_ECC);
if (sigCtx->key.ecc == NULL) { if (sigCtx->key.ecc == NULL) {
ERROR_OUT(MEMORY_E, exit_cs); ERROR_OUT(MEMORY_E, exit_cs);
} }
#else
sigCtx->key.ecc = eccKey;
#endif
if ((ret = wc_ecc_init_ex(sigCtx->key.ecc, sigCtx->heap, if ((ret = wc_ecc_init_ex(sigCtx->key.ecc, sigCtx->heap,
sigCtx->devId)) < 0) { sigCtx->devId)) < 0) {
goto exit_cs; goto exit_cs;
} }
#if defined(WC_ECC_NONBLOCK) && defined(WOLFSSL_ASYNC_CRYPT_SW) && \ #if defined(WC_ECC_NONBLOCK) && defined(WOLFSSL_ASYNC_CRYPT_SW) && \
defined(WC_ASYNC_ENABLE_ECC) defined(WC_ASYNC_ENABLE_ECC)
#ifndef WOLFSSL_NO_MALLOC
nbCtx = (ecc_nb_ctx_t*)XMALLOC(sizeof(ecc_nb_ctx_t), nbCtx = (ecc_nb_ctx_t*)XMALLOC(sizeof(ecc_nb_ctx_t),
sigCtx->heap, DYNAMIC_TYPE_TMP_BUFFER); sigCtx->heap, DYNAMIC_TYPE_TMP_BUFFER);
if (nbCtx == NULL) { if (nbCtx == NULL) {
ERROR_OUT(MEMORY_E, exit_cs); ERROR_OUT(MEMORY_E, exit_cs);
} }
else { #endif
ret = wc_ecc_set_nonblock(sigCtx->key.ecc, nbCtx); ret = wc_ecc_set_nonblock(sigCtx->key.ecc, nbCtx);
if (ret != 0) { if (ret != 0) {
goto exit_cs; goto exit_cs;
}
} }
#endif /* WC_ECC_NONBLOCK && WOLFSSL_ASYNC_CRYPT_SW && #endif /* WC_ECC_NONBLOCK && WOLFSSL_ASYNC_CRYPT_SW &&
WC_ASYNC_ENABLE_ECC */ WC_ASYNC_ENABLE_ECC */
ret = wc_EccPublicKeyDecode(key, &idx, sigCtx->key.ecc, ret = wc_EccPublicKeyDecode(key, &idx, sigCtx->key.ecc,
@ -18101,12 +18170,16 @@ int ConfirmSignature(SignatureCtx* sigCtx,
case ED25519k: case ED25519k:
{ {
sigCtx->verify = 0; sigCtx->verify = 0;
#ifndef WOLFSSL_NO_MALLOC
sigCtx->key.ed25519 = (ed25519_key*)XMALLOC( sigCtx->key.ed25519 = (ed25519_key*)XMALLOC(
sizeof(ed25519_key), sigCtx->heap, sizeof(ed25519_key), sigCtx->heap,
DYNAMIC_TYPE_ED25519); DYNAMIC_TYPE_ED25519);
if (sigCtx->key.ed25519 == NULL) { if (sigCtx->key.ed25519 == NULL) {
ERROR_OUT(MEMORY_E, exit_cs); ERROR_OUT(MEMORY_E, exit_cs);
} }
#else
sigCtx->key.ed25519 = ed25519Key;
#endif
if ((ret = wc_ed25519_init_ex(sigCtx->key.ed25519, if ((ret = wc_ed25519_init_ex(sigCtx->key.ed25519,
sigCtx->heap, sigCtx->devId)) < 0) { sigCtx->heap, sigCtx->devId)) < 0) {
goto exit_cs; goto exit_cs;
@ -18127,12 +18200,16 @@ int ConfirmSignature(SignatureCtx* sigCtx,
case ED448k: case ED448k:
{ {
sigCtx->verify = 0; sigCtx->verify = 0;
#ifndef WOLFSSL_NO_MALLOC
sigCtx->key.ed448 = (ed448_key*)XMALLOC( sigCtx->key.ed448 = (ed448_key*)XMALLOC(
sizeof(ed448_key), sigCtx->heap, sizeof(ed448_key), sigCtx->heap,
DYNAMIC_TYPE_ED448); DYNAMIC_TYPE_ED448);
if (sigCtx->key.ed448 == NULL) { if (sigCtx->key.ed448 == NULL) {
ERROR_OUT(MEMORY_E, exit_cs); ERROR_OUT(MEMORY_E, exit_cs);
} }
#else
sigCtx->key.ed448 = ed448Key;
#endif
if ((ret = wc_ed448_init(sigCtx->key.ed448)) < 0) { if ((ret = wc_ed448_init(sigCtx->key.ed448)) < 0) {
goto exit_cs; goto exit_cs;
} }
@ -18153,6 +18230,7 @@ int ConfirmSignature(SignatureCtx* sigCtx,
{ {
word32 idx = 0; word32 idx = 0;
sigCtx->verify = 0; sigCtx->verify = 0;
#ifndef WOLFSSL_NO_MALLOC
sigCtx->key.falcon = sigCtx->key.falcon =
(falcon_key*)XMALLOC(sizeof(falcon_key), (falcon_key*)XMALLOC(sizeof(falcon_key),
sigCtx->heap, sigCtx->heap,
@ -18160,6 +18238,9 @@ int ConfirmSignature(SignatureCtx* sigCtx,
if (sigCtx->key.falcon == NULL) { if (sigCtx->key.falcon == NULL) {
ERROR_OUT(MEMORY_E, exit_cs); ERROR_OUT(MEMORY_E, exit_cs);
} }
#else
sigCtx->key.falcon = falconKey;
#endif
if ((ret = wc_falcon_init_ex(sigCtx->key.falcon, if ((ret = wc_falcon_init_ex(sigCtx->key.falcon,
sigCtx->heap, sigCtx->devId)) < 0) { sigCtx->heap, sigCtx->devId)) < 0) {
goto exit_cs; goto exit_cs;
@ -18180,6 +18261,7 @@ int ConfirmSignature(SignatureCtx* sigCtx,
{ {
word32 idx = 0; word32 idx = 0;
sigCtx->verify = 0; sigCtx->verify = 0;
#ifndef WOLFSSL_NO_MALLOC
sigCtx->key.falcon = sigCtx->key.falcon =
(falcon_key*)XMALLOC(sizeof(falcon_key), (falcon_key*)XMALLOC(sizeof(falcon_key),
sigCtx->heap, sigCtx->heap,
@ -18187,6 +18269,9 @@ int ConfirmSignature(SignatureCtx* sigCtx,
if (sigCtx->key.falcon == NULL) { if (sigCtx->key.falcon == NULL) {
ERROR_OUT(MEMORY_E, exit_cs); ERROR_OUT(MEMORY_E, exit_cs);
} }
#else
sigCtx->key.falcon = falconKey;
#endif
if ((ret = wc_falcon_init_ex(sigCtx->key.falcon, if ((ret = wc_falcon_init_ex(sigCtx->key.falcon,
sigCtx->heap, sigCtx->devId)) < 0) { sigCtx->heap, sigCtx->devId)) < 0) {
goto exit_cs; goto exit_cs;
@ -18243,12 +18328,16 @@ int ConfirmSignature(SignatureCtx* sigCtx,
goto exit_cs; goto exit_cs;
} }
sigCtx->verify = 0; sigCtx->verify = 0;
#ifndef WOLFSSL_NO_MALLOC
sigCtx->key.dilithium = (dilithium_key*)XMALLOC( sigCtx->key.dilithium = (dilithium_key*)XMALLOC(
sizeof(dilithium_key), sigCtx->heap, sizeof(dilithium_key), sigCtx->heap,
DYNAMIC_TYPE_DILITHIUM); DYNAMIC_TYPE_DILITHIUM);
if (sigCtx->key.dilithium == NULL) { if (sigCtx->key.dilithium == NULL) {
ERROR_OUT(MEMORY_E, exit_cs); ERROR_OUT(MEMORY_E, exit_cs);
} }
#else
sigCtx->key.dilithium = dilithiumKey;
#endif
if ((ret = wc_dilithium_init_ex(sigCtx->key.dilithium, if ((ret = wc_dilithium_init_ex(sigCtx->key.dilithium,
sigCtx->heap, sigCtx->devId)) < 0) { sigCtx->heap, sigCtx->devId)) < 0) {
goto exit_cs; goto exit_cs;
@ -18270,6 +18359,7 @@ int ConfirmSignature(SignatureCtx* sigCtx,
{ {
word32 idx = 0; word32 idx = 0;
sigCtx->verify = 0; sigCtx->verify = 0;
#ifndef WOLFSSL_NO_MALLOC
sigCtx->key.sphincs = sigCtx->key.sphincs =
(sphincs_key*)XMALLOC(sizeof(sphincs_key), (sphincs_key*)XMALLOC(sizeof(sphincs_key),
sigCtx->heap, sigCtx->heap,
@ -18277,6 +18367,10 @@ int ConfirmSignature(SignatureCtx* sigCtx,
if (sigCtx->key.sphincs == NULL) { if (sigCtx->key.sphincs == NULL) {
ERROR_OUT(MEMORY_E, exit_cs); ERROR_OUT(MEMORY_E, exit_cs);
} }
#else
sigCtx->key.sphincs = spincsKey;
#endif
if ((ret = wc_sphincs_init(sigCtx->key.sphincs)) < 0) { if ((ret = wc_sphincs_init(sigCtx->key.sphincs)) < 0) {
goto exit_cs; goto exit_cs;
} }
@ -18296,6 +18390,7 @@ int ConfirmSignature(SignatureCtx* sigCtx,
{ {
word32 idx = 0; word32 idx = 0;
sigCtx->verify = 0; sigCtx->verify = 0;
#ifndef WOLFSSL_NO_MALLOC
sigCtx->key.sphincs = sigCtx->key.sphincs =
(sphincs_key*)XMALLOC(sizeof(sphincs_key), (sphincs_key*)XMALLOC(sizeof(sphincs_key),
sigCtx->heap, sigCtx->heap,
@ -18303,6 +18398,9 @@ int ConfirmSignature(SignatureCtx* sigCtx,
if (sigCtx->key.sphincs == NULL) { if (sigCtx->key.sphincs == NULL) {
ERROR_OUT(MEMORY_E, exit_cs); ERROR_OUT(MEMORY_E, exit_cs);
} }
#else
sigCtx->key.sphincs = spincsKey;
#endif
if ((ret = wc_sphincs_init(sigCtx->key.sphincs)) < 0) { if ((ret = wc_sphincs_init(sigCtx->key.sphincs)) < 0) {
goto exit_cs; goto exit_cs;
} }
@ -18322,6 +18420,7 @@ int ConfirmSignature(SignatureCtx* sigCtx,
{ {
word32 idx = 0; word32 idx = 0;
sigCtx->verify = 0; sigCtx->verify = 0;
#ifndef WOLFSSL_NO_MALLOC
sigCtx->key.sphincs = sigCtx->key.sphincs =
(sphincs_key*)XMALLOC(sizeof(sphincs_key), (sphincs_key*)XMALLOC(sizeof(sphincs_key),
sigCtx->heap, sigCtx->heap,
@ -18329,6 +18428,9 @@ int ConfirmSignature(SignatureCtx* sigCtx,
if (sigCtx->key.sphincs == NULL) { if (sigCtx->key.sphincs == NULL) {
ERROR_OUT(MEMORY_E, exit_cs); ERROR_OUT(MEMORY_E, exit_cs);
} }
#else
sigCtx->key.sphincs = spincsKey;
#endif
if ((ret = wc_sphincs_init(sigCtx->key.sphincs)) < 0) { if ((ret = wc_sphincs_init(sigCtx->key.sphincs)) < 0) {
goto exit_cs; goto exit_cs;
} }
@ -18348,6 +18450,8 @@ int ConfirmSignature(SignatureCtx* sigCtx,
{ {
word32 idx = 0; word32 idx = 0;
sigCtx->verify = 0; sigCtx->verify = 0;
sigCtx->key.sphincs =
#ifndef WOLFSSL_NO_MALLOC
sigCtx->key.sphincs = sigCtx->key.sphincs =
(sphincs_key*)XMALLOC(sizeof(sphincs_key), (sphincs_key*)XMALLOC(sizeof(sphincs_key),
sigCtx->heap, sigCtx->heap,
@ -18355,6 +18459,9 @@ int ConfirmSignature(SignatureCtx* sigCtx,
if (sigCtx->key.sphincs == NULL) { if (sigCtx->key.sphincs == NULL) {
ERROR_OUT(MEMORY_E, exit_cs); ERROR_OUT(MEMORY_E, exit_cs);
} }
#else
sigCtx->key.sphincs = spincsKey;
#endif
if ((ret = wc_sphincs_init(sigCtx->key.sphincs)) < 0) { if ((ret = wc_sphincs_init(sigCtx->key.sphincs)) < 0) {
goto exit_cs; goto exit_cs;
} }
@ -18374,6 +18481,7 @@ int ConfirmSignature(SignatureCtx* sigCtx,
{ {
word32 idx = 0; word32 idx = 0;
sigCtx->verify = 0; sigCtx->verify = 0;
#ifndef WOLFSSL_NO_MALLOC
sigCtx->key.sphincs = sigCtx->key.sphincs =
(sphincs_key*)XMALLOC(sizeof(sphincs_key), (sphincs_key*)XMALLOC(sizeof(sphincs_key),
sigCtx->heap, sigCtx->heap,
@ -18381,6 +18489,9 @@ int ConfirmSignature(SignatureCtx* sigCtx,
if (sigCtx->key.sphincs == NULL) { if (sigCtx->key.sphincs == NULL) {
ERROR_OUT(MEMORY_E, exit_cs); ERROR_OUT(MEMORY_E, exit_cs);
} }
#else
sigCtx->key.sphincs = spincsKey;
#endif
if ((ret = wc_sphincs_init(sigCtx->key.sphincs)) < 0) { if ((ret = wc_sphincs_init(sigCtx->key.sphincs)) < 0) {
goto exit_cs; goto exit_cs;
} }
@ -18400,6 +18511,7 @@ int ConfirmSignature(SignatureCtx* sigCtx,
{ {
word32 idx = 0; word32 idx = 0;
sigCtx->verify = 0; sigCtx->verify = 0;
#ifndef WOLFSSL_NO_MALLOC
sigCtx->key.sphincs = sigCtx->key.sphincs =
(sphincs_key*)XMALLOC(sizeof(sphincs_key), (sphincs_key*)XMALLOC(sizeof(sphincs_key),
sigCtx->heap, sigCtx->heap,
@ -18407,6 +18519,9 @@ int ConfirmSignature(SignatureCtx* sigCtx,
if (sigCtx->key.sphincs == NULL) { if (sigCtx->key.sphincs == NULL) {
ERROR_OUT(MEMORY_E, exit_cs); ERROR_OUT(MEMORY_E, exit_cs);
} }
#else
sigCtx->key.sphincs = spincsKey;
#endif
if ((ret = wc_sphincs_init(sigCtx->key.sphincs)) < 0) { if ((ret = wc_sphincs_init(sigCtx->key.sphincs)) < 0) {
goto exit_cs; goto exit_cs;
} }
@ -18683,7 +18798,7 @@ int ConfirmSignature(SignatureCtx* sigCtx,
defined(WOLFSSL_RENESAS_FSPSM_TLS) defined(WOLFSSL_RENESAS_FSPSM_TLS)
if (sigCtx->CertAtt.verifyByTSIP_SCE == 1) break; if (sigCtx->CertAtt.verifyByTSIP_SCE == 1) break;
#endif #endif
#ifdef WOLFSSL_SMALL_STACK #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
byte* encodedSig = (byte*)XMALLOC(MAX_ENCODED_SIG_SZ, byte* encodedSig = (byte*)XMALLOC(MAX_ENCODED_SIG_SZ,
sigCtx->heap, DYNAMIC_TYPE_TMP_BUFFER); sigCtx->heap, DYNAMIC_TYPE_TMP_BUFFER);
if (encodedSig == NULL) { if (encodedSig == NULL) {
@ -18710,7 +18825,7 @@ int ConfirmSignature(SignatureCtx* sigCtx,
WOLFSSL_ERROR_VERBOSE(ret); WOLFSSL_ERROR_VERBOSE(ret);
} }
#ifdef WOLFSSL_SMALL_STACK #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
XFREE(encodedSig, sigCtx->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(encodedSig, sigCtx->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif #endif
break; break;
@ -23915,7 +24030,7 @@ static int CheckCertSignature_ex(const byte* cert, word32 certSz, void* heap,
void* cm, const byte* pubKey, word32 pubKeySz, int pubKeyOID, int req) void* cm, const byte* pubKey, word32 pubKeySz, int pubKeyOID, int req)
{ {
#ifndef WOLFSSL_ASN_TEMPLATE #ifndef WOLFSSL_ASN_TEMPLATE
#ifndef WOLFSSL_SMALL_STACK #if !defined(WOLFSSL_SMALL_STACK) || defined(WOLFSSL_NO_MALLOC)
SignatureCtx sigCtx[1]; SignatureCtx sigCtx[1];
#else #else
SignatureCtx* sigCtx; SignatureCtx* sigCtx;
@ -23947,7 +24062,7 @@ static int CheckCertSignature_ex(const byte* cert, word32 certSz, void* heap,
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }
#ifdef WOLFSSL_SMALL_STACK #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
sigCtx = (SignatureCtx*)XMALLOC(sizeof(*sigCtx), heap, DYNAMIC_TYPE_SIGNATURE); sigCtx = (SignatureCtx*)XMALLOC(sizeof(*sigCtx), heap, DYNAMIC_TYPE_SIGNATURE);
if (sigCtx == NULL) if (sigCtx == NULL)
return MEMORY_E; return MEMORY_E;

6
wolfcrypt/src/hash.c
View File

@ -1477,13 +1477,13 @@ int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags)
void* heap, int devId) void* heap, int devId)
{ {
int ret = 0; int ret = 0;
#ifdef WOLFSSL_SMALL_STACK #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
wc_Sha256* sha256; wc_Sha256* sha256;
#else #else
wc_Sha256 sha256[1]; wc_Sha256 sha256[1];
#endif #endif
#ifdef WOLFSSL_SMALL_STACK #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
sha256 = (wc_Sha256*)XMALLOC(sizeof(wc_Sha256), NULL, sha256 = (wc_Sha256*)XMALLOC(sizeof(wc_Sha256), NULL,
DYNAMIC_TYPE_TMP_BUFFER); DYNAMIC_TYPE_TMP_BUFFER);
if (sha256 == NULL) if (sha256 == NULL)
@ -1504,7 +1504,7 @@ int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags)
} }
#ifdef WOLFSSL_SMALL_STACK #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
XFREE(sha256, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(sha256, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif #endif

6
wolfcrypt/src/sha256.c
View File

@ -1171,7 +1171,7 @@ static int InitSha256(wc_Sha256* sha256)
word32 S[8], t0, t1; word32 S[8], t0, t1;
int i; int i;
#ifdef WOLFSSL_SMALL_STACK_CACHE #if defined(WOLFSSL_SMALL_STACK_CACHE) && !defined(WOLFSSL_NO_MALLOC)
word32* W = sha256->W; word32* W = sha256->W;
if (W == NULL) { if (W == NULL) {
W = (word32*)XMALLOC(sizeof(word32) * WC_SHA256_BLOCK_SIZE, NULL, W = (word32*)XMALLOC(sizeof(word32) * WC_SHA256_BLOCK_SIZE, NULL,
@ -1180,7 +1180,7 @@ static int InitSha256(wc_Sha256* sha256)
return MEMORY_E; return MEMORY_E;
sha256->W = W; sha256->W = W;
} }
#elif defined(WOLFSSL_SMALL_STACK) #elif defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
word32* W; word32* W;
W = (word32*)XMALLOC(sizeof(word32) * WC_SHA256_BLOCK_SIZE, NULL, W = (word32*)XMALLOC(sizeof(word32) * WC_SHA256_BLOCK_SIZE, NULL,
DYNAMIC_TYPE_TMP_BUFFER); DYNAMIC_TYPE_TMP_BUFFER);
@ -1221,7 +1221,7 @@ static int InitSha256(wc_Sha256* sha256)
sha256->digest[i] += S[i]; sha256->digest[i] += S[i];
} }
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_SMALL_STACK_CACHE) #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_SMALL_STACK_CACHE) && !defined(WOLFSSL_NO_MALLOC)
ForceZero(W, sizeof(word32) * WC_SHA256_BLOCK_SIZE); ForceZero(W, sizeof(word32) * WC_SHA256_BLOCK_SIZE);
XFREE(W, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(W, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif #endif