diff --git a/examples/benchmark/tls_bench.c b/examples/benchmark/tls_bench.c index 9b8408961..6d1de164c 100644 --- a/examples/benchmark/tls_bench.c +++ b/examples/benchmark/tls_bench.c @@ -1236,7 +1236,7 @@ static void Usage(void) static void ShowCiphers(void) { - char ciphers[4096]; + char ciphers[WOLFSSL_CIPHER_LIST_MAX_SIZE]; int ret = wolfSSL_get_ciphers(ciphers, (int)sizeof(ciphers)); @@ -1374,12 +1374,11 @@ int bench_tls(void* args) } else { /* Run for each cipher */ - const int ciphersSz = 4096; - ciphers = (char*)XMALLOC(ciphersSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); + ciphers = (char*)XMALLOC(WOLFSSL_CIPHER_LIST_MAX_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER); if (ciphers == NULL) { goto exit; } - wolfSSL_get_ciphers(ciphers, ciphersSz); + wolfSSL_get_ciphers(ciphers, WOLFSSL_CIPHER_LIST_MAX_SIZE); cipher = ciphers; } diff --git a/examples/client/client.c b/examples/client/client.c index 9f908f99a..66b20dd29 100644 --- a/examples/client/client.c +++ b/examples/client/client.c @@ -195,7 +195,7 @@ static int NonBlockingSSL_Connect(WOLFSSL* ssl) static void ShowCiphers(void) { - static char ciphers[4096]; + static char ciphers[WOLFSSL_CIPHER_LIST_MAX_SIZE]; int ret = wolfSSL_get_ciphers(ciphers, (int)sizeof(ciphers)); diff --git a/tests/api.c b/tests/api.c index 1612a99c7..5611704a1 100644 --- a/tests/api.c +++ b/tests/api.c @@ -2201,7 +2201,7 @@ static THREAD_RETURN WOLFSSL_THREAD test_server_loop(void* args) if (cbf != NULL && cbf->ctx_ready != NULL) { cbf->ctx_ready(ctx); } - + while(count != loop_count) { ssl = wolfSSL_new(ctx); if (ssl == NULL) { @@ -2219,7 +2219,7 @@ static THREAD_RETURN WOLFSSL_THREAD test_server_loop(void* args) "Please run from wolfSSL home dir");*/ goto done; } - + #if !defined(NO_FILESYSTEM) && !defined(NO_DH) wolfSSL_SetTmpDH_file(ssl, dhParamFile, WOLFSSL_FILETYPE_PEM); #elif !defined(NO_DH) @@ -2564,7 +2564,7 @@ static void test_client_reuse_WOLFSSLobj(void* args, void *cb, void* server_args if(wolfSSL_KeepHandshakeResources(ssl)) { /* err_sys("SSL_KeepHandshakeResources failed"); */ goto done; - } + } if (sharedCtx && wolfSSL_use_certificate_file(ssl, cliCertFile, WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) { /*err_sys("can't load client cert file, " @@ -23181,6 +23181,49 @@ static void test_wc_ecc_get_curve_id_from_name(void) #endif /* HAVE_ECC */ } +#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && \ + !defined(HAVE_SELFTEST) && \ + !(defined(HAVE_FIPS) || defined(HAVE_FIPS_VERSION)) + +static void test_wc_ecc_get_curve_id_from_dp_params(void) +{ + int id; + int curve_id; + int ret = 0; + WOLFSSL_EC_KEY *ecKey; + ecc_key* key; + const ecc_set_type* params; + + printf(testingFmt, "wc_ecc_get_curve_id_from_dp_params"); + + #if !defined(NO_ECC256) && !defined(NO_ECC_SECP) + id = wc_ecc_get_curve_id_from_name("SECP256R1"); + AssertIntEQ(id, ECC_SECP256R1); + + ecKey = wolfSSL_EC_KEY_new_by_curve_name(id); + AssertNotNull(ecKey); + + ret = wolfSSL_EC_KEY_generate_key(ecKey); + + if (ret == 0) { + /* normal test */ + key = (ecc_key*)ecKey->internal; + params = key->dp; + + curve_id = wc_ecc_get_curve_id_from_dp_params(params); + AssertIntEQ(curve_id, id); + } + #endif + /* invalid case, NULL input*/ + + id = wc_ecc_get_curve_id_from_dp_params(NULL); + AssertIntEQ(id, BAD_FUNC_ARG); + wolfSSL_EC_KEY_free(ecKey); + + printf(resultFmt, passed); +} +#endif /* defined(OPENSSL_EXTRA) && defined(HAVE_ECC) */ + static void test_wc_ecc_get_curve_id_from_params(void) { #ifdef HAVE_ECC @@ -24824,7 +24867,7 @@ void ApiTest(void) test_wolfSSL_read_write(); #if defined(OPENSSL_EXTRA) && !defined(NO_SESSION_CACHE) && !defined(WOLFSSL_TLS13) test_wolfSSL_reuse_WOLFSSLobj(); -#endif +#endif #endif test_wolfSSL_dtls_export(); AssertIntEQ(test_wolfSSL_SetMinVersion(), WOLFSSL_SUCCESS); @@ -24985,7 +25028,6 @@ void ApiTest(void) test_wc_ecc_get_curve_size_from_name(); test_wc_ecc_get_curve_id_from_name(); test_wc_ecc_get_curve_id_from_params(); - #ifdef WOLFSSL_TLS13 /* TLS v1.3 API tests */ test_tls13_apis(); @@ -25133,6 +25175,11 @@ void ApiTest(void) test_wolfSSL_EC(); test_wolfSSL_ECDSA_SIG(); #endif +#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && \ + !defined(HAVE_SELFTEST) && \ + !(defined(HAVE_FIPS) || defined(HAVE_FIPS_VERSION)) + test_wc_ecc_get_curve_id_from_dp_params(); +#endif #ifdef HAVE_HASHDRBG #ifdef TEST_RESEED_INTERVAL diff --git a/testsuite/testsuite.c b/testsuite/testsuite.c index e993297cf..d89eb15cc 100644 --- a/testsuite/testsuite.c +++ b/testsuite/testsuite.c @@ -180,7 +180,7 @@ int testsuite_test(int argc, char** argv) /* show ciphers */ { - char ciphers[1024]; + char ciphers[WOLFSSL_CIPHER_LIST_MAX_SIZE]; XMEMSET(ciphers, 0, sizeof(ciphers)); wolfSSL_get_ciphers(ciphers, sizeof(ciphers)-1); printf("ciphers = %s\n", ciphers); diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c index 27bfdd713..f4ac7ff8e 100644 --- a/wolfcrypt/src/ecc.c +++ b/wolfcrypt/src/ecc.c @@ -3173,11 +3173,11 @@ int wc_ecc_get_curve_id_from_name(const char* curveName) } /* Compares a curve parameter (hex, from ecc_sets[]) to given input - * parameter (byte array) for equality. - * + * parameter for equality. + * encType is WC_TYPE_UNSIGNED_BIN or WC_TYPE_HEX_STR * Returns MP_EQ on success, negative on error */ static int wc_ecc_cmp_param(const char* curveParam, - const byte* param, word32 paramSz) + const byte* param, word32 paramSz, int encType) { int err = MP_OKAY; #ifdef WOLFSSL_SMALL_STACK @@ -3190,6 +3190,9 @@ static int wc_ecc_cmp_param(const char* curveParam, if (param == NULL || curveParam == NULL) return BAD_FUNC_ARG; + if (encType == WC_TYPE_HEX_STR) + return XSTRNCMP(curveParam, (char*) param, paramSz); + #ifdef WOLFSSL_SMALL_STACK a = (mp_int*)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_ECC); if (a == NULL) @@ -3209,9 +3212,9 @@ static int wc_ecc_cmp_param(const char* curveParam, return err; } - if (err == MP_OKAY) + if (err == MP_OKAY) { err = mp_read_unsigned_bin(a, param, paramSz); - + } if (err == MP_OKAY) err = mp_read_radix(b, curveParam, MP_RADIX_HEX); @@ -3270,13 +3273,17 @@ int wc_ecc_get_curve_id_from_params(int fieldSize, for (idx = 0; ecc_sets[idx].size != 0; idx++) { if (curveSz == ecc_sets[idx].size) { if ((wc_ecc_cmp_param(ecc_sets[idx].prime, prime, - primeSz) == MP_EQ) && - (wc_ecc_cmp_param(ecc_sets[idx].Af, Af, AfSz) == MP_EQ) && - (wc_ecc_cmp_param(ecc_sets[idx].Bf, Bf, BfSz) == MP_EQ) && + primeSz, WC_TYPE_UNSIGNED_BIN) == MP_EQ) && + (wc_ecc_cmp_param(ecc_sets[idx].Af, Af, AfSz, + WC_TYPE_UNSIGNED_BIN) == MP_EQ) && + (wc_ecc_cmp_param(ecc_sets[idx].Bf, Bf, BfSz, + WC_TYPE_UNSIGNED_BIN) == MP_EQ) && (wc_ecc_cmp_param(ecc_sets[idx].order, order, - orderSz) == MP_EQ) && - (wc_ecc_cmp_param(ecc_sets[idx].Gx, Gx, GxSz) == MP_EQ) && - (wc_ecc_cmp_param(ecc_sets[idx].Gy, Gy, GySz) == MP_EQ) && + orderSz, WC_TYPE_UNSIGNED_BIN) == MP_EQ) && + (wc_ecc_cmp_param(ecc_sets[idx].Gx, Gx, GxSz, + WC_TYPE_UNSIGNED_BIN) == MP_EQ) && + (wc_ecc_cmp_param(ecc_sets[idx].Gy, Gy, GySz, + WC_TYPE_UNSIGNED_BIN) == MP_EQ) && (cofactor == ecc_sets[idx].cofactor)) { break; } @@ -3289,6 +3296,47 @@ int wc_ecc_get_curve_id_from_params(int fieldSize, return ecc_sets[idx].id; } +/* Returns the curve id in ecc_sets[] that corresponds + * to a given domain parameters pointer. + * + * dp domain parameters pointer + * + * return curve id, from ecc_sets[] on success, negative on error + */ +int wc_ecc_get_curve_id_from_dp_params(const ecc_set_type* dp) +{ + int idx; + + if (dp == NULL || dp->prime == NULL || dp->Af == NULL || + dp->Bf == NULL || dp->order == NULL || dp->Gx == NULL || dp->Gy == NULL) + return BAD_FUNC_ARG; + + for (idx = 0; ecc_sets[idx].size != 0; idx++) { + if (dp->size == ecc_sets[idx].size) { + if ((wc_ecc_cmp_param(ecc_sets[idx].prime, (const byte*)dp->prime, + (word32)XSTRLEN(dp->prime), WC_TYPE_HEX_STR) == MP_EQ) && + (wc_ecc_cmp_param(ecc_sets[idx].Af, (const byte*)dp->Af, + (word32)XSTRLEN(dp->Af),WC_TYPE_HEX_STR) == MP_EQ) && + (wc_ecc_cmp_param(ecc_sets[idx].Bf, (const byte*)dp->Bf, + (word32)XSTRLEN(dp->Bf),WC_TYPE_HEX_STR) == MP_EQ) && + (wc_ecc_cmp_param(ecc_sets[idx].order, (const byte*)dp->order, + (word32)XSTRLEN(dp->order),WC_TYPE_HEX_STR) == MP_EQ) && + (wc_ecc_cmp_param(ecc_sets[idx].Gx, (const byte*)dp->Gx, + (word32)XSTRLEN(dp->Gx),WC_TYPE_HEX_STR) == MP_EQ) && + (wc_ecc_cmp_param(ecc_sets[idx].Gy, (const byte*)dp->Gy, + (word32)XSTRLEN(dp->Gy),WC_TYPE_HEX_STR) == MP_EQ) && + (dp->cofactor == ecc_sets[idx].cofactor)) { + break; + } + } + } + + if (ecc_sets[idx].size == 0) + return ECC_CURVE_INVALID; + + return ecc_sets[idx].id; +} + /* Returns the curve id that corresponds to a given OID, * as listed in ecc_sets[] of ecc.c. * diff --git a/wolfssl/test.h b/wolfssl/test.h index 4f9bb5619..3cbdba849 100644 --- a/wolfssl/test.h +++ b/wolfssl/test.h @@ -156,9 +156,12 @@ #pragma warning(disable:4244 4996) #endif +#ifndef WOLFSSL_CIPHER_LIST_MAX_SIZE + #define WOLFSSL_CIPHER_LIST_MAX_SIZE 4096 +#endif /* Buffer for benchmark tests */ #ifndef TEST_BUFFER_SIZE -#define TEST_BUFFER_SIZE 16384 + #define TEST_BUFFER_SIZE 16384 #endif #ifndef WOLFSSL_HAVE_MIN diff --git a/wolfssl/wolfcrypt/ecc.h b/wolfssl/wolfcrypt/ecc.h index bedf9a315..9304cdb24 100644 --- a/wolfssl/wolfcrypt/ecc.h +++ b/wolfssl/wolfcrypt/ecc.h @@ -522,6 +522,8 @@ int wc_ecc_get_curve_id_from_params(int fieldSize, const byte* prime, word32 primeSz, const byte* Af, word32 AfSz, const byte* Bf, word32 BfSz, const byte* order, word32 orderSz, const byte* Gx, word32 GxSz, const byte* Gy, word32 GySz, int cofactor); +WOLFSSL_API +int wc_ecc_get_curve_id_from_dp_params(const ecc_set_type* dp); WOLFSSL_API int wc_ecc_get_curve_id_from_oid(const byte* oid, word32 len);