Merge pull request #2209 from tmael/maintenanceDefects

Increased ciphers buffer size for testsuite and ECC API for getting curve from dp

examples/benchmark/tls_bench.c

@@ -1236,7 +1236,7 @@ static void Usage(void)
 
 static void ShowCiphers(void)
 {
-    char ciphers[4096];
+    char ciphers[WOLFSSL_CIPHER_LIST_MAX_SIZE];
 
     int ret = wolfSSL_get_ciphers(ciphers, (int)sizeof(ciphers));
 
@@ -1374,12 +1374,11 @@ int bench_tls(void* args)
     }
     else {
         /* Run for each cipher */
-        const int ciphersSz = 4096;
+        ciphers = (char*)XMALLOC(WOLFSSL_CIPHER_LIST_MAX_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        ciphers = (char*)XMALLOC(ciphersSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
         if (ciphers == NULL) {
             goto exit;
         }
-        wolfSSL_get_ciphers(ciphers, ciphersSz);
+        wolfSSL_get_ciphers(ciphers, WOLFSSL_CIPHER_LIST_MAX_SIZE);
         cipher = ciphers;
     }
 

examples/client/client.c

@@ -195,7 +195,7 @@ static int NonBlockingSSL_Connect(WOLFSSL* ssl)
 
 static void ShowCiphers(void)
 {
-    static char ciphers[4096];
+    static char ciphers[WOLFSSL_CIPHER_LIST_MAX_SIZE];
 
     int ret = wolfSSL_get_ciphers(ciphers, (int)sizeof(ciphers));
 

tests/api.c

@@ -23181,6 +23181,49 @@ static void test_wc_ecc_get_curve_id_from_name(void)
 #endif /* HAVE_ECC */
 }
 
+#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && \
+    !defined(HAVE_SELFTEST) && \
+    !(defined(HAVE_FIPS) || defined(HAVE_FIPS_VERSION))
+
+static void test_wc_ecc_get_curve_id_from_dp_params(void)
+{
+    int id;
+    int curve_id;
+    int ret = 0;
+    WOLFSSL_EC_KEY *ecKey;
+    ecc_key* key;
+    const ecc_set_type* params;
+
+    printf(testingFmt, "wc_ecc_get_curve_id_from_dp_params");
+
+    #if !defined(NO_ECC256) && !defined(NO_ECC_SECP)
+        id = wc_ecc_get_curve_id_from_name("SECP256R1");
+        AssertIntEQ(id, ECC_SECP256R1);
+
+        ecKey = wolfSSL_EC_KEY_new_by_curve_name(id);
+        AssertNotNull(ecKey);
+
+        ret = wolfSSL_EC_KEY_generate_key(ecKey);
+
+        if (ret == 0) {
+            /* normal test */
+            key = (ecc_key*)ecKey->internal;
+            params = key->dp;
+
+            curve_id = wc_ecc_get_curve_id_from_dp_params(params);
+            AssertIntEQ(curve_id, id);
+        }
+    #endif
+    /* invalid case, NULL input*/
+
+    id = wc_ecc_get_curve_id_from_dp_params(NULL);
+    AssertIntEQ(id, BAD_FUNC_ARG);
+    wolfSSL_EC_KEY_free(ecKey);
+
+    printf(resultFmt, passed);
+}
+#endif /* defined(OPENSSL_EXTRA) && defined(HAVE_ECC) */
+
 static void test_wc_ecc_get_curve_id_from_params(void)
 {
 #ifdef HAVE_ECC
@@ -24985,7 +25028,6 @@ void ApiTest(void)
     test_wc_ecc_get_curve_size_from_name();
     test_wc_ecc_get_curve_id_from_name();
     test_wc_ecc_get_curve_id_from_params();
-
 #ifdef WOLFSSL_TLS13
     /* TLS v1.3 API tests */
     test_tls13_apis();
@@ -25133,6 +25175,11 @@ void ApiTest(void)
     test_wolfSSL_EC();
     test_wolfSSL_ECDSA_SIG();
 #endif
+#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && \
+    !defined(HAVE_SELFTEST) && \
+    !(defined(HAVE_FIPS) || defined(HAVE_FIPS_VERSION))
+    test_wc_ecc_get_curve_id_from_dp_params();
+#endif
 
 #ifdef HAVE_HASHDRBG
     #ifdef TEST_RESEED_INTERVAL

testsuite/testsuite.c

@@ -180,7 +180,7 @@ int testsuite_test(int argc, char** argv)
 
     /* show ciphers */
     {
-        char ciphers[1024];
+        char ciphers[WOLFSSL_CIPHER_LIST_MAX_SIZE];
         XMEMSET(ciphers, 0, sizeof(ciphers));
         wolfSSL_get_ciphers(ciphers, sizeof(ciphers)-1);
         printf("ciphers = %s\n", ciphers);

wolfcrypt/src/ecc.c

@@ -3173,11 +3173,11 @@ int wc_ecc_get_curve_id_from_name(const char* curveName)
 }
 
 /* Compares a curve parameter (hex, from ecc_sets[]) to given input
- * parameter (byte array) for equality.
+ * parameter for equality.
- *
+ * encType is WC_TYPE_UNSIGNED_BIN or WC_TYPE_HEX_STR
  * Returns MP_EQ on success, negative on error */
 static int wc_ecc_cmp_param(const char* curveParam,
-                            const byte* param, word32 paramSz)
+                            const byte* param, word32 paramSz, int encType)
 {
     int err = MP_OKAY;
 #ifdef WOLFSSL_SMALL_STACK
@@ -3190,6 +3190,9 @@ static int wc_ecc_cmp_param(const char* curveParam,
     if (param == NULL || curveParam == NULL)
         return BAD_FUNC_ARG;
 
+    if (encType == WC_TYPE_HEX_STR)
+        return XSTRNCMP(curveParam, (char*) param, paramSz);
+
 #ifdef WOLFSSL_SMALL_STACK
     a = (mp_int*)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_ECC);
     if (a == NULL)
@@ -3209,9 +3212,9 @@ static int wc_ecc_cmp_param(const char* curveParam,
         return err;
     }
 
-    if (err == MP_OKAY)
+    if (err == MP_OKAY) {
         err = mp_read_unsigned_bin(a, param, paramSz);
-
+    }
     if (err == MP_OKAY)
         err = mp_read_radix(b, curveParam, MP_RADIX_HEX);
 
@@ -3270,13 +3273,17 @@ int wc_ecc_get_curve_id_from_params(int fieldSize,
     for (idx = 0; ecc_sets[idx].size != 0; idx++) {
         if (curveSz == ecc_sets[idx].size) {
             if ((wc_ecc_cmp_param(ecc_sets[idx].prime, prime,
-                            primeSz) == MP_EQ) &&
+                            primeSz, WC_TYPE_UNSIGNED_BIN) == MP_EQ) &&
-                (wc_ecc_cmp_param(ecc_sets[idx].Af, Af, AfSz) == MP_EQ) &&
+                (wc_ecc_cmp_param(ecc_sets[idx].Af, Af, AfSz,
-                (wc_ecc_cmp_param(ecc_sets[idx].Bf, Bf, BfSz) == MP_EQ) &&
+                                  WC_TYPE_UNSIGNED_BIN) == MP_EQ) &&
+                (wc_ecc_cmp_param(ecc_sets[idx].Bf, Bf, BfSz,
+                                  WC_TYPE_UNSIGNED_BIN) == MP_EQ) &&
                 (wc_ecc_cmp_param(ecc_sets[idx].order, order,
-                                  orderSz) == MP_EQ) &&
+                                  orderSz, WC_TYPE_UNSIGNED_BIN) == MP_EQ) &&
-                (wc_ecc_cmp_param(ecc_sets[idx].Gx, Gx, GxSz) == MP_EQ) &&
+                (wc_ecc_cmp_param(ecc_sets[idx].Gx, Gx, GxSz,
-                (wc_ecc_cmp_param(ecc_sets[idx].Gy, Gy, GySz) == MP_EQ) &&
+                                  WC_TYPE_UNSIGNED_BIN) == MP_EQ) &&
+                (wc_ecc_cmp_param(ecc_sets[idx].Gy, Gy, GySz,
+                                  WC_TYPE_UNSIGNED_BIN) == MP_EQ) &&
                 (cofactor == ecc_sets[idx].cofactor)) {
                     break;
             }
@@ -3289,6 +3296,47 @@ int wc_ecc_get_curve_id_from_params(int fieldSize,
     return ecc_sets[idx].id;
 }
 
+/* Returns the curve id in ecc_sets[] that corresponds
+ * to a given domain parameters pointer.
+ *
+ * dp   domain parameters pointer
+ *
+ * return curve id, from ecc_sets[] on success, negative on error
+ */
+int wc_ecc_get_curve_id_from_dp_params(const ecc_set_type* dp)
+{
+    int idx;
+
+    if (dp == NULL || dp->prime == NULL ||  dp->Af == NULL ||
+        dp->Bf == NULL || dp->order == NULL || dp->Gx == NULL || dp->Gy == NULL)
+        return BAD_FUNC_ARG;
+
+    for (idx = 0; ecc_sets[idx].size != 0; idx++) {
+        if (dp->size == ecc_sets[idx].size) {
+            if ((wc_ecc_cmp_param(ecc_sets[idx].prime, (const byte*)dp->prime,
+                    (word32)XSTRLEN(dp->prime), WC_TYPE_HEX_STR) == MP_EQ) &&
+                (wc_ecc_cmp_param(ecc_sets[idx].Af, (const byte*)dp->Af,
+                    (word32)XSTRLEN(dp->Af),WC_TYPE_HEX_STR) == MP_EQ) &&
+                (wc_ecc_cmp_param(ecc_sets[idx].Bf, (const byte*)dp->Bf,
+                    (word32)XSTRLEN(dp->Bf),WC_TYPE_HEX_STR) == MP_EQ) &&
+                (wc_ecc_cmp_param(ecc_sets[idx].order, (const byte*)dp->order,
+                    (word32)XSTRLEN(dp->order),WC_TYPE_HEX_STR) == MP_EQ) &&
+                (wc_ecc_cmp_param(ecc_sets[idx].Gx, (const byte*)dp->Gx,
+                    (word32)XSTRLEN(dp->Gx),WC_TYPE_HEX_STR) == MP_EQ) &&
+                (wc_ecc_cmp_param(ecc_sets[idx].Gy, (const byte*)dp->Gy,
+                    (word32)XSTRLEN(dp->Gy),WC_TYPE_HEX_STR) == MP_EQ) &&
+                (dp->cofactor == ecc_sets[idx].cofactor)) {
+                    break;
+            }
+        }
+    }
+
+    if (ecc_sets[idx].size == 0)
+        return ECC_CURVE_INVALID;
+
+    return ecc_sets[idx].id;
+}
+
 /* Returns the curve id that corresponds to a given OID,
  * as listed in ecc_sets[] of ecc.c.
  *

wolfssl/test.h

@@ -156,6 +156,9 @@
     #pragma warning(disable:4244 4996)
 #endif
 
+#ifndef WOLFSSL_CIPHER_LIST_MAX_SIZE
+    #define WOLFSSL_CIPHER_LIST_MAX_SIZE 4096
+#endif
 /* Buffer for benchmark tests */
 #ifndef TEST_BUFFER_SIZE
     #define TEST_BUFFER_SIZE 16384

wolfssl/wolfcrypt/ecc.h

@@ -522,6 +522,8 @@ int wc_ecc_get_curve_id_from_params(int fieldSize,
         const byte* prime, word32 primeSz, const byte* Af, word32 AfSz,
         const byte* Bf, word32 BfSz, const byte* order, word32 orderSz,
         const byte* Gx, word32 GxSz, const byte* Gy, word32 GySz, int cofactor);
+WOLFSSL_API
+int wc_ecc_get_curve_id_from_dp_params(const ecc_set_type* dp);
 
 WOLFSSL_API
 int wc_ecc_get_curve_id_from_oid(const byte* oid, word32 len);