feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge pull request #900 from dgarske/coverity_part3

Browse Source 
Coverity fixes for TLS 1.3, async, small stack and normal math.
This commit is contained in:
toddouska
2017-05-11 13:05:53 -07:00
committed by GitHub
parent 5c652e398f 8d4f8c6d80
commit ce42738198
12 changed files with 228 additions and 113 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
examples/client/client.c
View File

@@ -1056,6 +1056,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#ifdef WOLFSSL_TLS13
updateKeysIVs = 1;
#endif
break;
case 'y' :
#if defined(WOLFSSL_TLS13) && !defined(NO_DH)

2
examples/echoserver/echoserver.c
View File

@@ -392,7 +392,7 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
err = 0; /* reset error */
ret = CyaSSL_write(write_ssl, command, echoSz);
if (ret <= 0) {
err = CyaSSL_get_error(ssl, 0);
err = CyaSSL_get_error(write_ssl, 0);
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
ret = wolfSSL_AsyncPoll(write_ssl, WOLF_POLL_FLAG_CHECK_HW);

28
src/internal.c
View File

@@ -5870,25 +5870,23 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
int ret = 0;
#ifdef WOLFSSL_SHA384
#ifdef WOLFSSL_SMALL_STACK
Sha384* sha384 = (Sha384*)XMALLOC(sizeof(Sha384), ssl->heap,
DYNAMIC_TYPE_TMP_BUFFER);
Sha384* sha384;
#else
Sha384 sha384[1];
#endif /* WOLFSSL_SMALL_STACK */
#endif /* WOLFSSL_SHA384 */
if (ssl == NULL)
return BAD_FUNC_ARG;
#ifdef WOLFSSL_SHA384
#ifdef WOLFSSL_SMALL_STACK
if (ssl == NULL
#ifdef WOLFSSL_SHA384
|| sha384 == NULL
#endif
) {
#ifdef WOLFSSL_SHA384
XFREE(sha384, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif
sha384 = (Sha384*)XMALLOC(sizeof(Sha384), ssl->heap,
DYNAMIC_TYPE_TMP_BUFFER);
if (sha384 == NULL)
return MEMORY_E;
}
#endif
#endif /* WOLFSSL_SMALL_STACK */
#endif /* WOLFSSL_SHA384 */
/* store current states, building requires get_digest which resets state */
#ifdef WOLFSSL_SHA384
@@ -11313,12 +11311,6 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
}
#endif
/* catch mistaken sizeOnly parameter */
if (sizeOnly && (output || input) ) {
WOLFSSL_MSG("BuildMessage with sizeOnly doesn't need input or output");
return BAD_FUNC_ARG;
}
ret = WC_NOT_PENDING_E;
#ifdef WOLFSSL_ASYNC_CRYPT
if (asyncOkay) {

9
src/ssl.c
View File

@@ -5052,9 +5052,10 @@ int wolfSSL_CertManagerVerifyBuffer(WOLFSSL_CERT_MANAGER* cm, const byte* buff,
ret = PemToDer(buff, sz, CERT_TYPE, &der, cm->heap, info, &eccKey);
if (ret != 0) {
FreeDer(&der);
#ifdef WOLFSSL_SMALL_STACK
XFREE(info, cm->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, cm->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(info, cm->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
}
InitDecodedCert(cert, der->buffer, der->length, cm->heap);
@@ -5452,7 +5453,7 @@ int wolfSSL_CTX_load_verify_locations(WOLFSSL_CTX* ctx, const char* file,
ReadDirCtx* readCtx = NULL;
readCtx = (ReadDirCtx*)XMALLOC(sizeof(ReadDirCtx), ctx->heap,
DYNAMIC_TYPE_TMP_BUFFER);
if (name == NULL)
if (readCtx == NULL)
return MEMORY_E;
#else
ReadDirCtx readCtx[1];

241
src/tls13.c
View File

@@ -314,34 +314,44 @@ static int DeriveKeyMsg(WOLFSSL* ssl, byte* output, int outputLen,
const byte* protocol;
word32 protocolLen;
int digestAlg;
int ret = BAD_FUNC_ARG;
switch (hashAlgo) {
#ifndef NO_WOLFSSL_SHA256
case sha256_mac:
wc_InitSha256(&digest.sha256);
wc_Sha256Update(&digest.sha256, msg, msgLen);
wc_Sha256Final(&digest.sha256, hash);
wc_Sha256Free(&digest.sha256);
ret = wc_InitSha256_ex(&digest.sha256, ssl->heap, INVALID_DEVID);
if (ret == 0) {
ret = wc_Sha256Update(&digest.sha256, msg, msgLen);
if (ret == 0)
ret = wc_Sha256Final(&digest.sha256, hash);
wc_Sha256Free(&digest.sha256);
}
hashSz = SHA256_DIGEST_SIZE;
digestAlg = SHA256;
break;
#endif
#ifdef WOLFSSL_SHA384
case sha384_mac:
wc_InitSha384(&digest.sha384);
wc_Sha384Update(&digest.sha384, msg, msgLen);
wc_Sha384Final(&digest.sha384, hash);
wc_Sha384Free(&digest.sha384);
ret = wc_InitSha384_ex(&digest.sha384, ssl->heap, INVALID_DEVID);
if (ret == 0) {
ret = wc_Sha384Update(&digest.sha384, msg, msgLen);
if (ret == 0)
ret = wc_Sha384Final(&digest.sha384, hash);
wc_Sha384Free(&digest.sha384);
}
hashSz = SHA384_DIGEST_SIZE;
digestAlg = SHA384;
break;
#endif
#ifdef WOLFSSL_SHA512
case sha512_mac:
wc_InitSha512(&digest.sha512);
wc_Sha512Update(&digest.sha512, msg, msgLen);
wc_Sha512Final(&digest.sha512, hash);
wc_Sha512Free(&digest.sha512);
ret = wc_InitSha512_ex(&digest.sha512, ssl->heap, INVALID_DEVID);
if (ret == 0) {
ret = wc_Sha512Update(&digest.sha512, msg, msgLen);
if (ret == 0)
ret = wc_Sha512Final(&digest.sha512, hash);
wc_Sha512Free(&digest.sha512);
}
hashSz = SHA512_DIGEST_SIZE;
digestAlg = SHA512;
break;
@@ -351,6 +361,9 @@ static int DeriveKeyMsg(WOLFSSL* ssl, byte* output, int outputLen,
return BAD_FUNC_ARG;
}
if (ret != 0)
return ret;
switch (ssl->version.minor) {
case TLSv1_3_MINOR:
protocol = tls13ProtocolLabel;
@@ -728,11 +741,13 @@ static int DeriveMasterSecret(WOLFSSL* ssl)
* hash The hash result - verify data.
* returns length of verify data generated.
*/
static int BuildTls13HandshakeHmac(WOLFSSL* ssl, byte* key, byte* hash)
static int BuildTls13HandshakeHmac(WOLFSSL* ssl, byte* key, byte* hash,
word32* pHashSz)
{
Hmac verifyHmac;
int hashType = SHA256;
int hashSz = SHA256_DIGEST_SIZE;
int ret = BAD_FUNC_ARG;
/* Get the hash of the previous handshake messages. */
switch (ssl->specs.mac_algorithm) {
@@ -740,31 +755,42 @@ static int BuildTls13HandshakeHmac(WOLFSSL* ssl, byte* key, byte* hash)
case sha256_mac:
hashType = SHA256;
hashSz = SHA256_DIGEST_SIZE;
wc_Sha256GetHash(&ssl->hsHashes->hashSha256, hash);
ret = wc_Sha256GetHash(&ssl->hsHashes->hashSha256, hash);
break;
#endif /* !NO_SHA256 */
#ifdef WOLFSSL_SHA384
case sha384_mac:
hashType = SHA384;
hashSz = SHA384_DIGEST_SIZE;
wc_Sha384GetHash(&ssl->hsHashes->hashSha384, hash);
ret = wc_Sha384GetHash(&ssl->hsHashes->hashSha384, hash);
break;
#endif /* WOLFSSL_SHA384 */
#ifdef WOLFSSL_SHA512
case sha512_mac:
hashType = SHA512;
hashSz = SHA512_DIGEST_SIZE;
wc_Sha512GetHash(&ssl->hsHashes->hashSha512, hash);
ret = wc_Sha512GetHash(&ssl->hsHashes->hashSha512, hash);
break;
#endif /* WOLFSSL_SHA512 */
}
if (ret != 0)
return ret;
/* Calculate the verify data. */
wc_HmacSetKey(&verifyHmac, hashType, key, ssl->specs.hash_size);
wc_HmacUpdate(&verifyHmac, hash, hashSz);
wc_HmacFinal(&verifyHmac, hash);
ret = wc_HmacInit(&verifyHmac, ssl->heap, INVALID_DEVID);
if (ret == 0) {
ret = wc_HmacSetKey(&verifyHmac, hashType, key, ssl->specs.hash_size);
if (ret == 0)
ret = wc_HmacUpdate(&verifyHmac, hash, hashSz);
if (ret == 0)
ret = wc_HmacFinal(&verifyHmac, hash);
wc_HmacFree(&verifyHmac);
}
return hashSz;
if (pHashSz)
*pHashSz = hashSz;
return ret;
}
/* The length of the label to use when deriving keys. */
@@ -1125,16 +1151,20 @@ end:
*/
static int HashInputRaw(WOLFSSL* ssl, const byte* input, int sz)
{
int ret = 0;
int ret = BAD_FUNC_ARG;
#ifndef NO_OLD_TLS
#ifndef NO_SHA
wc_ShaUpdate(&ssl->hsHashes->hashSha, input, sz);
ret = wc_ShaUpdate(&ssl->hsHashes->hashSha, input, sz);
if (ret != 0)
return ret;
#endif
#ifndef NO_MD5
wc_Md5Update(&ssl->hsHashes->hashMd5, input, sz);
#endif
ret = wc_Md5Update(&ssl->hsHashes->hashMd5, input, sz);
if (ret != 0)
return ret;
#endif
#endif /* !NO_OLD_TLS */
#ifndef NO_SHA256
ret = wc_Sha256Update(&ssl->hsHashes->hashSha256, input, sz);
@@ -1723,9 +1753,13 @@ static int WritePSKBinders(WOLFSSL* ssl, byte* output, word32 idx)
XMEMCPY(ssl->arrays->psk_key, ssl->session.masterSecret,
ssl->arrays->psk_keySz);
/* Derive the early secret using the PSK. */
DeriveEarlySecret(ssl);
ret = DeriveEarlySecret(ssl);
if (ret != 0)
return ret;
/* Derive the binder key to use to with HMAC. */
DeriveBinderKeyResume(ssl, binderKey);
ret = DeriveBinderKeyResume(ssl, binderKey);
if (ret != 0)
return ret;
}
else {
/* TODO: [TLS13] Support non-ticket PSK. */
@@ -1734,16 +1768,25 @@ static int WritePSKBinders(WOLFSSL* ssl, byte* output, word32 idx)
(char *)current->identity, ssl->arrays->client_identity,
MAX_PSK_ID_LEN, ssl->arrays->psk_key, MAX_PSK_KEY_LEN);
/* Derive the early secret using the PSK. */
DeriveEarlySecret(ssl);
ret = DeriveEarlySecret(ssl);
if (ret != 0)
return ret;
/* Derive the binder key to use to with HMAC. */
DeriveBinderKey(ssl, binderKey);
ret = DeriveBinderKey(ssl, binderKey);
if (ret != 0)
return ret;
}
/* Derive the Finished message secret. */
DeriveFinishedSecret(ssl, binderKey, ssl->keys.client_write_MAC_secret);
ret = DeriveFinishedSecret(ssl, binderKey, ssl->keys.client_write_MAC_secret);
if (ret != 0)
return ret;
/* Build the HMAC of the handshake message data = binder. */
current->binderLen = BuildTls13HandshakeHmac(ssl,
ssl->keys.client_write_MAC_secret, current->binder);
ret = BuildTls13HandshakeHmac(ssl, ssl->keys.client_write_MAC_secret,
current->binder, &current->binderLen);
if (ret != 0)
return ret;
current = current->next;
}
@@ -2204,7 +2247,7 @@ static int DoPreSharedKeys(WOLFSSL *ssl, const byte* input, word32 helloSz,
PreSharedKey* current;
byte binderKey[MAX_DIGEST_SIZE];
byte binder[MAX_DIGEST_SIZE];
word16 binderLen;
word32 binderLen;
word16 modes;
ext = TLSX_Find(ssl->extensions, TLSX_PRE_SHARED_KEY);
@@ -2260,9 +2303,13 @@ static int DoPreSharedKeys(WOLFSSL *ssl, const byte* input, word32 helloSz,
XMEMCPY(ssl->arrays->psk_key, ssl->session.masterSecret,
ssl->specs.hash_size);
/* Derive the early secret using the PSK. */
DeriveEarlySecret(ssl);
ret = DeriveEarlySecret(ssl);
if (ret != 0)
return ret;
/* Derive the binder key to use to with HMAC. */
DeriveBinderKeyResume(ssl, binderKey);
ret = DeriveBinderKeyResume(ssl, binderKey);
if (ret != 0)
return ret;
}
else {
/* PSK age is always zero. */
@@ -2274,16 +2321,26 @@ static int DoPreSharedKeys(WOLFSSL *ssl, const byte* input, word32 helloSz,
(char*)current->identity, ssl->arrays->client_identity,
MAX_PSK_ID_LEN, ssl->arrays->psk_key, MAX_PSK_KEY_LEN);
/* Derive the early secret using the PSK. */
DeriveEarlySecret(ssl);
ret = DeriveEarlySecret(ssl);
if (ret != 0)
return ret;
/* Derive the binder key to use to with HMAC. */
DeriveBinderKey(ssl, binderKey);
ret = DeriveBinderKey(ssl, binderKey);
if (ret != 0)
return ret;
}
/* Derive the Finished message secret. */
DeriveFinishedSecret(ssl, binderKey, ssl->keys.client_write_MAC_secret);
ret = DeriveFinishedSecret(ssl, binderKey,
ssl->keys.client_write_MAC_secret);
if (ret != 0)
return ret;
/* Derive the binder and compare with the one in the extension. */
binderLen = BuildTls13HandshakeHmac(ssl,
ssl->keys.client_write_MAC_secret, binder);
ret = BuildTls13HandshakeHmac(ssl,
ssl->keys.client_write_MAC_secret, binder, &binderLen);
if (ret != 0)
return ret;
if (binderLen != current->binderLen ||
XMEMCMP(binder, current->binder, binderLen) != 0) {
return BAD_BINDER;
@@ -2962,41 +3019,54 @@ static int CreateRSAEncodedSig(byte* sig, byte* sigData, int sigDataSz,
Digest digest;
int hashSz = 0;
int hashOid = 0;
int ret = BAD_FUNC_ARG;
/* Digest the signature data. */
switch (hashAlgo) {
#ifndef NO_WOLFSSL_SHA256
case sha256_mac:
wc_InitSha256(&digest.sha256);
wc_Sha256Update(&digest.sha256, sigData, sigDataSz);
wc_Sha256Final(&digest.sha256, sigData);
wc_Sha256Free(&digest.sha256);
ret = wc_InitSha256(&digest.sha256);
if (ret == 0) {
ret = wc_Sha256Update(&digest.sha256, sigData, sigDataSz);
if (ret == 0)
ret = wc_Sha256Final(&digest.sha256, sigData);
wc_Sha256Free(&digest.sha256);
}
hashSz = SHA256_DIGEST_SIZE;
hashOid = SHA256h;
break;
#endif
#ifdef WOLFSSL_SHA384
case sha384_mac:
wc_InitSha384(&digest.sha384);
wc_Sha384Update(&digest.sha384, sigData, sigDataSz);
wc_Sha384Final(&digest.sha384, sigData);
wc_Sha384Free(&digest.sha384);
ret = wc_InitSha384(&digest.sha384);
if (ret == 0) {
ret = wc_Sha384Update(&digest.sha384, sigData, sigDataSz);
if (ret == 0)
ret = wc_Sha384Final(&digest.sha384, sigData);
wc_Sha384Free(&digest.sha384);
}
hashSz = SHA384_DIGEST_SIZE;
hashOid = SHA384h;
break;
#endif
#ifdef WOLFSSL_SHA512
case sha512_mac:
wc_InitSha512(&digest.sha512);
wc_Sha512Update(&digest.sha512, sigData, sigDataSz);
wc_Sha512Final(&digest.sha512, sigData);
wc_Sha512Free(&digest.sha512);
ret = wc_InitSha512(&digest.sha512);
if (ret == 0) {
ret = wc_Sha512Update(&digest.sha512, sigData, sigDataSz);
if (ret == 0)
ret = wc_Sha512Final(&digest.sha512, sigData);
wc_Sha512Free(&digest.sha512);
}
hashSz = SHA512_DIGEST_SIZE;
hashOid = SHA512h;
break;
#endif
}
if (ret != 0)
return ret;
/* Encode the signature data as per PKCS #1.5 */
return wc_EncodeSignature(sig, sigData, hashSz, hashOid);
}
@@ -3013,38 +3083,51 @@ static int CreateECCEncodedSig(byte* sigData, int sigDataSz, int hashAlgo)
{
Digest digest;
int hashSz = 0;
int ret = BAD_FUNC_ARG;
/* Digest the signature data. */
switch (hashAlgo) {
#ifndef NO_WOLFSSL_SHA256
case sha256_mac:
wc_InitSha256(&digest.sha256);
wc_Sha256Update(&digest.sha256, sigData, sigDataSz);
wc_Sha256Final(&digest.sha256, sigData);
wc_Sha256Free(&digest.sha256);
ret = wc_InitSha256(&digest.sha256);
if (ret == 0) {
ret = wc_Sha256Update(&digest.sha256, sigData, sigDataSz);
if (ret == 0)
ret = wc_Sha256Final(&digest.sha256, sigData);
wc_Sha256Free(&digest.sha256);
}
hashSz = SHA256_DIGEST_SIZE;
break;
#endif
#ifdef WOLFSSL_SHA384
case sha384_mac:
wc_InitSha384(&digest.sha384);
wc_Sha384Update(&digest.sha384, sigData, sigDataSz);
wc_Sha384Final(&digest.sha384, sigData);
wc_Sha384Free(&digest.sha384);
ret = wc_InitSha384(&digest.sha384);
if (ret == 0) {
ret = wc_Sha384Update(&digest.sha384, sigData, sigDataSz);
if (ret == 0)
ret = wc_Sha384Final(&digest.sha384, sigData);
wc_Sha384Free(&digest.sha384);
}
hashSz = SHA384_DIGEST_SIZE;
break;
#endif
#ifdef WOLFSSL_SHA512
case sha512_mac:
wc_InitSha512(&digest.sha512);
wc_Sha512Update(&digest.sha512, sigData, sigDataSz);
wc_Sha512Final(&digest.sha512, sigData);
wc_Sha512Free(&digest.sha512);
ret = wc_InitSha512(&digest.sha512);
if (ret == 0) {
ret = wc_Sha512Update(&digest.sha512, sigData, sigDataSz);
if (ret == 0)
ret = wc_Sha512Final(&digest.sha512, sigData);
wc_Sha512Free(&digest.sha512);
}
hashSz = SHA512_DIGEST_SIZE;
break;
#endif
}
if (ret != 0)
return ret;
return hashSz;
}
#endif
@@ -3503,14 +3586,17 @@ int SendTls13CertificateVerify(WOLFSSL* ssl)
sig->length = MAX_ENCODED_SIG_SZ;
sig->buffer = (byte*)XMALLOC(sig->length, ssl->heap,
DYNAMIC_TYPE_TMP_BUFFER);
if (sig->buffer == NULL)
return MEMORY_E;
if (sig->buffer == NULL) {
ERROR_OUT(MEMORY_E, exit_scv);
}
/* Digest the signature data and encode. Used in verify too. */
sig->length = CreateRSAEncodedSig(sig->buffer, args->sigData,
ret = CreateRSAEncodedSig(sig->buffer, args->sigData,
args->sigDataSz, ssl->suites->hashAlgo);
if (ret != 0)
if (ret < 0)
goto exit_scv;
sig->length = ret;
ret = 0;
/* Maximum size of RSA Signature. */
args->sigLen = args->length;
@@ -3520,8 +3606,12 @@ int SendTls13CertificateVerify(WOLFSSL* ssl)
if (ssl->hsType == DYNAMIC_TYPE_ECC) {
sig->length = args->sendSz - args->idx - HASH_SIG_SIZE -
VERIFY_HEADER;
args->sigDataSz = CreateECCEncodedSig(args->sigData,
ret = CreateECCEncodedSig(args->sigData,
args->sigDataSz, ssl->suites->hashAlgo);
if (ret < 0)
goto exit_scv;
args->sigDataSz = ret;
ret = 0;
}
#endif /* HAVE_ECC */
@@ -3831,8 +3921,12 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input,
}
CreateSigData(ssl, args->sigData, &args->sigDataSz, 1);
args->sigDataSz = CreateECCEncodedSig(args->sigData,
ret = CreateECCEncodedSig(args->sigData,
args->sigDataSz, args->hashAlgo);
if (ret < 0)
goto exit_dcv;
args->sigDataSz = ret;
ret = 0;
}
#endif
@@ -3991,7 +4085,10 @@ static int DoTls13Finished(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
}
else
secret = ssl->keys.client_write_MAC_secret;
finishedSz = BuildTls13HandshakeHmac(ssl, secret, mac);
ret = BuildTls13HandshakeHmac(ssl, secret, mac, &finishedSz);
if (ret != 0)
return ret;
if (size != finishedSz)
return BUFFER_ERROR;
@@ -4085,7 +4182,9 @@ int SendTls13Finished(WOLFSSL* ssl)
secret = ssl->keys.server_write_MAC_secret;
}
BuildTls13HandshakeHmac(ssl, secret, &input[headerSz]);
ret = BuildTls13HandshakeHmac(ssl, secret, &input[headerSz], NULL);
if (ret != 0)
return ret;
/* This message is always encrypted. */
sendSz = BuildTls13Message(ssl, output, outputSz, input,

3
wolfcrypt/benchmark/benchmark.c
View File

@@ -129,7 +129,8 @@
#define BEGIN_INTEL_CYCLES total_cycles = get_intel_cycles();
#define END_INTEL_CYCLES total_cycles = get_intel_cycles() - total_cycles;
#define SHOW_INTEL_CYCLES printf(" Cycles per byte = %6.2f", \
(float)total_cycles / (count*BENCH_SIZE));
count == 0 ? 0 : \
(float)total_cycles / (count*BENCH_SIZE));
#elif defined(LINUX_CYCLE_COUNT)
#include <linux/perf_event.h>
#include <sys/syscall.h>

7
wolfcrypt/src/asn.c
View File

@@ -9532,8 +9532,13 @@ int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key,
XMEMCPY(priv, &input[*inOutIdx], privSz);
*inOutIdx += length;
if ((*inOutIdx + 1) > inSz)
if ((*inOutIdx + 1) > inSz) {
#ifdef WOLFSSL_SMALL_STACK
XFREE(priv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(pub, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return BUFFER_E;
}
/* prefix 0, may have */
b = input[*inOutIdx];

2
wolfcrypt/src/ecc.c
View File

@@ -4850,9 +4850,11 @@ int wc_ecc_import_x963_ex(const byte* in, word32 inLen, ecc_key* key,
if (err == MP_OKAY) {
int keysize;
#ifdef HAVE_COMP_KEY
/* adjust inLen if compressed */
if (compressed)
inLen = (inLen-1)*2 + 1; /* used uncompressed len */
#endif
/* determine key size */
keysize = ((inLen-1)>>1);

7
wolfcrypt/src/hmac.c
View File

@@ -806,8 +806,13 @@ int wolfSSL_GetHmacMaxSize(void)
Hmac myHmac;
int ret;
const byte* localSalt; /* either points to user input or tmp */
int hashSz = wc_HmacSizeByType(type);
int hashSz;
ret = wc_HmacSizeByType(type);
if (ret < 0)
return ret;
hashSz = ret;
localSalt = salt;
if (localSalt == NULL) {
XMEMSET(tmp, 0, hashSz);

6
wolfcrypt/src/integer.c
View File

@@ -4253,14 +4253,16 @@ static int mp_div_d (mp_int * a, mp_digit b, mp_int * c, mp_digit * d)
/* no easy answer [c'est la vie]. Just division */
if (c != NULL) {
if ((res = mp_init_size(&q, a->used)) != MP_OKAY) {
return res;
return res;
}
q.used = a->used;
q.sign = a->sign;
}
else {
mp_init(&q); /* initialize to help static analysis */
if ((res = mp_init(&q)) != MP_OKAY) {
return res;
}
}

33
wolfcrypt/src/rsa.c
View File

@@ -195,25 +195,32 @@ int wc_InitRsaKey_ex(RsaKey* key, void* heap, int devId)
key->rng = NULL;
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_RSA)
/* handle as async */
ret = wolfAsync_DevCtxInit(&key->asyncDev, WOLFSSL_ASYNC_MARKER_RSA,
key->heap, devId);
#ifdef WOLFSSL_ASYNC_CRYPT
#ifdef WOLFSSL_CERT_GEN
XMEMSET(&key->certSignCtx, 0, sizeof(CertSignCtx));
#endif
#ifdef WC_ASYNC_ENABLE_RSA
/* handle as async */
ret = wolfAsync_DevCtxInit(&key->asyncDev, WOLFSSL_ASYNC_MARKER_RSA,
key->heap, devId);
if (ret != 0)
return ret;
#endif /* WC_ASYNC_ENABLE_RSA */
#else
(void)devId;
#endif
#endif /* WOLFSSL_ASYNC_CRYPT */
mp_init(&key->n);
mp_init(&key->e);
mp_init(&key->d);
mp_init(&key->p);
mp_init(&key->q);
mp_init(&key->dP);
mp_init(&key->dQ);
mp_init(&key->u);
ret = mp_init_multi(&key->n, &key->e, NULL, NULL, NULL, NULL);
if (ret != MP_OKAY)
return ret;
ret = mp_init_multi(&key->d, &key->p, &key->q, &key->dP, &key->dQ, &key->u);
if (ret != MP_OKAY) {
mp_clear(&key->n);
mp_clear(&key->e);
return ret;
}
return ret;
}

2
wolfssl/internal.h
View File

@@ -2052,7 +2052,7 @@ typedef struct PreSharedKey {
word16 identityLen; /* Length of identity */
byte* identity; /* PSK identity */
word32 ticketAge; /* Age of the ticket */
byte binderLen; /* Length of HMAC */
word32 binderLen; /* Length of HMAC */
byte binder[MAX_DIGEST_SIZE]; /* HMAC of hanshake */
byte hmac; /* HMAC algorithm */
byte resumption:1; /* Resumption PSK */