feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Memory usage improvements

Browse Source 
ECC: make private key field 'k' able to be smaller when ALT_ECC_SIZE is
defined.
WOLFSSL_SMALL_STACK_CACHE: allocate temps using new macros.
This commit is contained in:
Sean Parkinson
2023-04-24 17:03:34 +10:00
parent 6369b1e9ec
commit d2afe9e5e0
18 changed files with 495 additions and 198 deletions
Download Patch File Download Diff File Expand all files Collapse all files

50
src/internal.c
View File

@@ -25415,6 +25415,29 @@ int PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo, word32 hashSigAlgoSz)
if (ret == 0 && hashAlgo > ssl->options.hashAlgo)
break;
#endif
if (IsAtLeastTLSv1_2(ssl) && !IsAtLeastTLSv1_3(ssl->version) &&
(ssl->options.side == WOLFSSL_CLIENT_END)) {
/* TLS 1.2 client deciding hash algorithm for
* CertificateVerify. Hash must be one of the handshake
* hashes being maintained. */
if (1
#ifndef NO_SHA
&& (hashAlgo != sha_mac)
#endif
#ifndef NO_SHA256
&& (hashAlgo != sha256_mac)
#endif
#ifdef WOLFSSL_SHA384
&& (hashAlgo != sha384_mac)
#endif
#ifdef WOLFSSL_SHA512
&& (hashAlgo != sha512_mac)
#endif
)
{
break;
}
}
/* The chosen one - but keep looking. */
ssl->options.hashAlgo = hashAlgo;
ssl->options.sigAlgo = sigAlgo;
@@ -30188,17 +30211,22 @@ int SendCertificateVerify(WOLFSSL* ssl)
}
#endif
#ifndef NO_OLD_TLS
#ifndef NO_SHA
/* old tls default */
SetDigest(ssl, sha_mac);
#endif
#else
#ifndef NO_SHA256
/* new tls default */
SetDigest(ssl, sha256_mac);
#endif
#endif /* !NO_OLD_TLS */
if (!IsAtLeastTLSv1_2(ssl)) {
#ifndef NO_OLD_TLS
#ifndef NO_SHA
/* old tls default */
SetDigest(ssl, sha_mac);
#endif
#else
#ifndef NO_SHA256
/* new tls default */
SetDigest(ssl, sha256_mac);
#endif
#endif /* !NO_OLD_TLS */
}
else {
SetDigest(ssl, ssl->options.hashAlgo);
}
if (ssl->hsType == DYNAMIC_TYPE_RSA) {
#ifdef WC_RSA_PSS