From d3b41a2fedfd3fa27603cb2e09183c304fe07a46 Mon Sep 17 00:00:00 2001
From: Hideki Miyazaki
Date: Wed, 21 Apr 2021 09:10:32 +0900
Subject: [PATCH] addressed review comments p1
---
 tests/api.c | 22 +---------------------
 wolfcrypt/src/evp.c | 40 ++++++++++++++++++++--------------------
 2 files changed, 21 insertions(+), 41 deletions(-)
diff --git a/tests/api.c b/tests/api.c
index 28176612c..1b4537f48 100644
--- a/tests/api.c
+++ b/tests/api.c
@@ -36746,26 +36746,6 @@ static void test_wolfSSL_EVP_PKEY_assign_DH(void)
 #endif
 }
-static void test_wolfSSL_EVP_PKEY_param_check(void)
-{
-#if defined(OPENSSL_EXTRA)
- EVP_PKEY* pkey;
- EVP_PKEY_CTX* ctx;
-
- printf(testingFmt, "test_wolfSSL_EVP_PKEY_param_check");
-
- AssertNotNull(pkey = wolfSSL_EVP_PKEY_new());
- AssertNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
-
- /* STUB */
- AssertIntEQ(EVP_PKEY_param_check(ctx), WOLFSSL_FAILURE);
-
- EVP_PKEY_CTX_free(ctx);
- EVP_PKEY_free(pkey);
- printf(resultFmt, passed);
-#endif
-}
-
 static void test_wolfSSL_QT_EVP_PKEY_CTX_free(void)
 {
 #if defined(OPENSSL_EXTRA)
@@ -36802,7 +36782,7 @@ static void test_wolfSSL_EVP_PKEY_param_check(void)
 EVP_PKEY_CTX* ctx = NULL;
 FILE* f = NULL;
- unsigned char buf[4096];
+ unsigned char buf[512];
 const unsigned char* pt = buf;
 const char* dh2048 = "./certs/dh2048.der";
 long len = 0;
diff --git a/wolfcrypt/src/evp.c b/wolfcrypt/src/evp.c
index 61c85fe4d..19e0bb4e5 100644
--- a/wolfcrypt/src/evp.c
+++ b/wolfcrypt/src/evp.c
@@ -2145,7 +2145,7 @@ static int DH_param_check(WOLFSSL_DH* dh_key)
 wolfSSL_BN_is_odd(dh_key->p) == 0){
 WOLFSSL_MSG("dh_key->p is not prime");
 ret = WOLFSSL_FAILURE;
- } /* TO DO safe prime check. need BN_rshift1 */
+ } /* TODO safe prime check. need BN_rshift1 */
 /* generator check */
 if (ret == WOLFSSL_SUCCESS &&
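Review bot: Shrinking `buf` from 4096 to 512 bytes in test_wolfSSL_EVP_PKEY_param_check makes the bound on the fixture read matter more than before. The code that reads `./certs/dh2048.der` into `buf` lies outside this hunk, so confirm that it passes `sizeof(buf)` as the limit and that the test would notice a truncated read rather than only failing later in decoding. A short comment on the declaration, such as `/* large enough for the DER-encoded DH parameters in certs/dh2048.der */`, would record why 512 was chosen.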
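Review bot: The TODO comments touched here and in the next hunk (`@@ -2183,7`) mark checks that DH_param_check still skips, yet nothing on the visible lines tells a caller that a WOLFSSL_SUCCESS result is weaker than a full parameter validation. Judging by the visible condition and messages, p and q are tested for primality while the safe-prime test and the subgroup-order test are deferred. I would spell that out, e.g. `/* TODO: safe-prime check ((p-1)/2 prime) is not performed; needs BN_rshift1 */`, and correct the second comment, where `q div q - 1` presumably means `q divides p - 1`. The function starts and ends outside both hunks, so a function-level comment listing what is and is not verified may be the better place.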
@@ -2183,7 +2183,7 @@ static int DH_param_check(WOLFSSL_DH* dh_key)
 (wolfSSL_BN_is_prime_ex(dh_key->q, 64, ctx, NULL) <= 0)) {
 WOLFSSL_MSG("dh_key->q is not prime or error during check.");
 ret = WOLFSSL_FAILURE;
- } /* else TO DO check q div q - 1. need BN_div */
+ } /* else TODO check q div q - 1. need BN_div */
 #endif
 }
@@ -2217,38 +2217,38 @@ int wolfSSL_EVP_PKEY_param_check(WOLFSSL_EVP_PKEY_CTX* ctx)
 switch(type) {
 #if !defined(NO_RSA)
- case EVP_PKEY_RSA:
- WOLFSSL_MSG("not yet implemented");
- return WOLFSSL_FAILURE;
+ case EVP_PKEY_RSA:
+ WOLFSSL_MSG("EVP_PKEY_RSA not yet implemented");
+ return WOLFSSL_FAILURE;
 #endif
 #if defined(HAVE_ECC)
- case EVP_PKEY_EC:
- WOLFSSL_MSG("not yet implemented");
- return WOLFSSL_FAILURE;
+ case EVP_PKEY_EC:
+ WOLFSSL_MSG("EVP_PKEY_EC not yet implemented");
+ return WOLFSSL_FAILURE;
 #endif
 #if !defined(NO_DSA)
- case EVP_PKEY_DSA:
- WOLFSSL_MSG("not yet implemented");
- return WOLFSSL_FAILURE;
+ case EVP_PKEY_DSA:
+ WOLFSSL_MSG("EVP_PKEY_DSA not yet implemented");
+ return WOLFSSL_FAILURE;
 #endif
 #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
 #if !defined(NO_DH) && !defined(NO_FILESYSTEM)
 #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) \
 && (HAVE_FIPS_VERSION>2))
- case EVP_PKEY_DH:
- dh_key = wolfSSL_EVP_PKEY_get1_DH(ctx->pkey);
- if (dh_key != NULL) {
- ret = DH_param_check(dh_key);
- wolfSSL_DH_free(dh_key);
- }
- else
- ret = WOLFSSL_FAILURE;
+ case EVP_PKEY_DH:
+ dh_key = wolfSSL_EVP_PKEY_get1_DH(ctx->pkey);
+ if (dh_key != NULL) {
+ ret = DH_param_check(dh_key);
+ wolfSSL_DH_free(dh_key);
+ }
+ else
+ ret = WOLFSSL_FAILURE;
 return ret;
 #endif
 #endif
 #endif
 default:
- WOLFSSL_MSG("Unknown PEKY type");
+ WOLFSSL_MSG("Unknown PKEY type");
 return WOLFSSL_FAILURE;
 }
 (void)ret;
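Review bot: The RSA, EC and DSA cases in the switch return the same WOLFSSL_FAILURE that a failed DH validation returns, so a caller cannot tell "not checked" from "parameters rejected" except through the debug message. Failing closed is the safe default, but it deserves a comment at the top of the switch, for example `/* Key types without a parameter check fail closed: WOLFSSL_FAILURE here means "not verified". */`. In the DH case the re-indented `else` stays unbraced next to a braced `if`; `else { ret = WOLFSSL_FAILURE; }` would match it. The function starts before this hunk and continues past it.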