From d9d3f9a4f4fbe8144b514ba54e7125bd20434228 Mon Sep 17 00:00:00 2001 From: John Bland Date: Mon, 25 Mar 2024 10:13:59 -0400 Subject: [PATCH 01/16] fix wc_MakeRsaKey and wc_RsaKeyToDer to work with WOLFSSL_NO_MALLOC --- wolfcrypt/src/asn.c | 40 ++++++++++++++++++++++++++++++++++------ wolfcrypt/src/rsa.c | 8 ++++++++ 2 files changed, 42 insertions(+), 6 deletions(-) diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 9377297e9..c52b44ae7 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -25937,10 +25937,13 @@ int wc_RsaKeyToDer(RsaKey* key, byte* output, word32 inLen) { #ifndef WOLFSSL_ASN_TEMPLATE int ret = 0, i; + int mpSz; + word32 rawLen; word32 seqSz = 0, verSz = 0, intTotalLen = 0, outLen = 0; word32 sizes[RSA_INTS]; byte seq[MAX_SEQ_SZ]; byte ver[MAX_VERSION_SZ]; + mp_int* keyInt; byte* tmps[RSA_INTS]; if (key == NULL) @@ -25949,20 +25952,28 @@ int wc_RsaKeyToDer(RsaKey* key, byte* output, word32 inLen) if (key->type != RSA_PRIVATE) return BAD_FUNC_ARG; + XMEMSET(tmps, 0, sizeof(tmps)); + for (i = 0; i < RSA_INTS; i++) tmps[i] = NULL; /* write all big ints from key to DER tmps */ for (i = 0; i < RSA_INTS; i++) { - mp_int* keyInt = GetRsaInt(key, i); - int mpSz; - word32 rawLen; - + keyInt = GetRsaInt(key, i); ret = mp_unsigned_bin_size(keyInt); - if (ret < 0) + if (ret < 0) { +#ifndef WOLFSSL_NO_MALLOC + /* free outstanding tmps */ + for (i = 0; i < RSA_INTS; i++) { + if (tmps[i] != NULL) + XFREE(tmps[i]); + } +#endif return ret; + } rawLen = (word32)ret + 1; ret = 0; +#ifndef WOLFSSL_NO_MALLOC if (output != NULL) { tmps[i] = (byte*)XMALLOC(rawLen + MAX_SEQ_SZ, key->heap, DYNAMIC_TYPE_RSA); @@ -25971,7 +25982,7 @@ int wc_RsaKeyToDer(RsaKey* key, byte* output, word32 inLen) break; } } - +#endif mpSz = SetASNIntMP(keyInt, MAX_RSA_INT_SZ, tmps[i]); if (mpSz < 0) { ret = mpSz; @@ -26004,8 +26015,25 @@ int wc_RsaKeyToDer(RsaKey* key, byte* output, word32 inLen) j += verSz; for (i = 0; i < RSA_INTS; i++) { +/* copy from tmps if we have malloc, otherwise re-export with buffer */ +#ifndef WOLFSSL_NO_MALLOC XMEMCPY(output + j, tmps[i], sizes[i]); j += sizes[i]; +#else + keyInt = GetRsaInt(key, i); + ret = mp_unsigned_bin_size(keyInt); + if (ret < 0) { + return ret; + } + rawLen = (word32)ret + 1; + ret = 0; + mpSz = SetASNIntMP(keyInt, MAX_RSA_INT_SZ, output + j); + if (mpSz < 0) { + ret = mpSz; + break; + } + j += mpSz; +#endif } } diff --git a/wolfcrypt/src/rsa.c b/wolfcrypt/src/rsa.c index 4299fd2f8..8f4e521a3 100644 --- a/wolfcrypt/src/rsa.c +++ b/wolfcrypt/src/rsa.c @@ -4721,7 +4721,11 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng) #endif /* WOLFSSL_SMALL_STACK */ int i, failCount, isPrime = 0; word32 primeSz; +#ifndef WOLFSSL_NO_MALLOC byte* buf = NULL; +#else + byte buf[RSA_MAX_SIZE/16]; +#endif #endif /* !WOLFSSL_CRYPTOCELL && !WOLFSSL_SE050 */ int err; @@ -4827,12 +4831,14 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng) primeSz = (word32)size / 16; /* size is the size of n in bits. primeSz is in bytes. */ +#ifndef WOLFSSL_NO_MALLOC /* allocate buffer to work with */ if (err == MP_OKAY) { buf = (byte*)XMALLOC(primeSz, key->heap, DYNAMIC_TYPE_RSA); if (buf == NULL) err = MEMORY_E; } +#endif SAVE_VECTOR_REGISTERS(err = _svr_ret;); @@ -4935,10 +4941,12 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng) if (err == MP_OKAY && !isPrime) err = PRIME_GEN_E; +#ifndef WOLFSSL_NO_MALLOC if (buf) { ForceZero(buf, primeSz); XFREE(buf, key->heap, DYNAMIC_TYPE_RSA); } +#endif if (err == MP_OKAY && mp_cmp(p, q) < 0) { err = mp_copy(p, tmp1); From 0bd8775eae7f32b9f61767b5c75aeca9047e6298 Mon Sep 17 00:00:00 2001 From: John Bland Date: Mon, 25 Mar 2024 10:53:58 -0400 Subject: [PATCH 02/16] update based on PR comments --- wolfcrypt/src/asn.c | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index c52b44ae7..41d8f7d13 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -25938,7 +25938,7 @@ int wc_RsaKeyToDer(RsaKey* key, byte* output, word32 inLen) #ifndef WOLFSSL_ASN_TEMPLATE int ret = 0, i; int mpSz; - word32 rawLen; + word32 rawLen; word32 seqSz = 0, verSz = 0, intTotalLen = 0, outLen = 0; word32 sizes[RSA_INTS]; byte seq[MAX_SEQ_SZ]; @@ -25966,7 +25966,7 @@ int wc_RsaKeyToDer(RsaKey* key, byte* output, word32 inLen) /* free outstanding tmps */ for (i = 0; i < RSA_INTS; i++) { if (tmps[i] != NULL) - XFREE(tmps[i]); + XFREE(tmps[i], key->heap, DYNAMIC_TYPE_RSA); } #endif return ret; @@ -26020,19 +26020,19 @@ int wc_RsaKeyToDer(RsaKey* key, byte* output, word32 inLen) XMEMCPY(output + j, tmps[i], sizes[i]); j += sizes[i]; #else - keyInt = GetRsaInt(key, i); - ret = mp_unsigned_bin_size(keyInt); - if (ret < 0) { - return ret; - } - rawLen = (word32)ret + 1; - ret = 0; - mpSz = SetASNIntMP(keyInt, MAX_RSA_INT_SZ, output + j); - if (mpSz < 0) { - ret = mpSz; - break; - } - j += mpSz; + keyInt = GetRsaInt(key, i); + ret = mp_unsigned_bin_size(keyInt); + if (ret < 0) { + return ret; + } + rawLen = (word32)ret + 1; + ret = 0; + mpSz = SetASNIntMP(keyInt, MAX_RSA_INT_SZ, output + j); + if (mpSz < 0) { + ret = mpSz; + break; + } + j += mpSz; #endif } } From fb784a2ac945fb4575b707217aa0394164965d08 Mon Sep 17 00:00:00 2001 From: John Bland Date: Mon, 25 Mar 2024 11:31:42 -0400 Subject: [PATCH 03/16] more changes from PR comments --- wolfcrypt/src/asn.c | 26 ++++++++++++-------------- wolfcrypt/src/rsa.c | 3 +++ 2 files changed, 15 insertions(+), 14 deletions(-) diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 41d8f7d13..ce5a4f8f0 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -25944,7 +25944,9 @@ int wc_RsaKeyToDer(RsaKey* key, byte* output, word32 inLen) byte seq[MAX_SEQ_SZ]; byte ver[MAX_VERSION_SZ]; mp_int* keyInt; +#ifndef WOLFSSL_NO_MALLOC byte* tmps[RSA_INTS]; +#endif if (key == NULL) return BAD_FUNC_ARG; @@ -25952,25 +25954,17 @@ int wc_RsaKeyToDer(RsaKey* key, byte* output, word32 inLen) if (key->type != RSA_PRIVATE) return BAD_FUNC_ARG; - XMEMSET(tmps, 0, sizeof(tmps)); - +#ifndef WOLFSSL_NO_MALLOC for (i = 0; i < RSA_INTS; i++) tmps[i] = NULL; +#endif /* write all big ints from key to DER tmps */ for (i = 0; i < RSA_INTS; i++) { keyInt = GetRsaInt(key, i); ret = mp_unsigned_bin_size(keyInt); - if (ret < 0) { -#ifndef WOLFSSL_NO_MALLOC - /* free outstanding tmps */ - for (i = 0; i < RSA_INTS; i++) { - if (tmps[i] != NULL) - XFREE(tmps[i], key->heap, DYNAMIC_TYPE_RSA); - } -#endif - return ret; - } + if (ret < 0) + break; rawLen = (word32)ret + 1; ret = 0; #ifndef WOLFSSL_NO_MALLOC @@ -25982,8 +25976,10 @@ int wc_RsaKeyToDer(RsaKey* key, byte* output, word32 inLen) break; } } -#endif mpSz = SetASNIntMP(keyInt, MAX_RSA_INT_SZ, tmps[i]); +#else + mpSz = SetASNIntMP(keyInt, MAX_RSA_INT_SZ, NULL); +#endif if (mpSz < 0) { ret = mpSz; break; @@ -26025,8 +26021,8 @@ int wc_RsaKeyToDer(RsaKey* key, byte* output, word32 inLen) if (ret < 0) { return ret; } - rawLen = (word32)ret + 1; ret = 0; + /* This won't overrun output due to the outLen check above */ mpSz = SetASNIntMP(keyInt, MAX_RSA_INT_SZ, output + j); if (mpSz < 0) { ret = mpSz; @@ -26037,10 +26033,12 @@ int wc_RsaKeyToDer(RsaKey* key, byte* output, word32 inLen) } } +#ifndef WOLFSSL_NO_MALLOC for (i = 0; i < RSA_INTS; i++) { if (tmps[i]) XFREE(tmps[i], key->heap, DYNAMIC_TYPE_RSA); } +#endif if (ret == 0) ret = (int)outLen; diff --git a/wolfcrypt/src/rsa.c b/wolfcrypt/src/rsa.c index 8f4e521a3..220981890 100644 --- a/wolfcrypt/src/rsa.c +++ b/wolfcrypt/src/rsa.c @@ -4724,6 +4724,7 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng) #ifndef WOLFSSL_NO_MALLOC byte* buf = NULL; #else + /* RSA_MAX_SIZE is the size of n in bits. */ byte buf[RSA_MAX_SIZE/16]; #endif #endif /* !WOLFSSL_CRYPTOCELL && !WOLFSSL_SE050 */ @@ -4946,6 +4947,8 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng) ForceZero(buf, primeSz); XFREE(buf, key->heap, DYNAMIC_TYPE_RSA); } +#else + ForceZero(buf, primeSz); #endif if (err == MP_OKAY && mp_cmp(p, q) < 0) { From 305f87561d1561ee9842b1f05b45b7bd5ddabaf3 Mon Sep 17 00:00:00 2001 From: John Bland Date: Mon, 25 Mar 2024 11:48:43 -0400 Subject: [PATCH 04/16] break out of loop on failure instead of return --- wolfcrypt/src/asn.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index ce5a4f8f0..23bf29ae7 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -26018,9 +26018,8 @@ int wc_RsaKeyToDer(RsaKey* key, byte* output, word32 inLen) #else keyInt = GetRsaInt(key, i); ret = mp_unsigned_bin_size(keyInt); - if (ret < 0) { - return ret; - } + if (ret < 0) + break; ret = 0; /* This won't overrun output due to the outLen check above */ mpSz = SetASNIntMP(keyInt, MAX_RSA_INT_SZ, output + j); From 4f51183b45005f5a361ec73dee0c241f6df217d4 Mon Sep 17 00:00:00 2001 From: John Bland Date: Mon, 25 Mar 2024 13:16:17 -0400 Subject: [PATCH 05/16] fix bad indenting --- wolfcrypt/src/rsa.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wolfcrypt/src/rsa.c b/wolfcrypt/src/rsa.c index 220981890..cca20c0d3 100644 --- a/wolfcrypt/src/rsa.c +++ b/wolfcrypt/src/rsa.c @@ -4948,7 +4948,7 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng) XFREE(buf, key->heap, DYNAMIC_TYPE_RSA); } #else - ForceZero(buf, primeSz); + ForceZero(buf, primeSz); #endif if (err == MP_OKAY && mp_cmp(p, q) < 0) { From 9cd614fcacdeeedb14bc93e2b1c59cf24dd9de41 Mon Sep 17 00:00:00 2001 From: John Bland Date: Mon, 25 Mar 2024 13:43:55 -0400 Subject: [PATCH 06/16] update rsa test to support no malloc --- wolfcrypt/test/test.c | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 137e943b7..dc2dd0d53 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -2125,7 +2125,11 @@ static wc_test_ret_t _SaveDerAndPem(const byte* der, int derSz, #if !defined(NO_FILESYSTEM) && !defined(NO_WRITE_TEMP_FILES) XFILE pemFile; #endif + #ifndef WOLFSSL_NO_MALLOC byte* pem; + #else + byte pem[FOURK_BUF]; + #endif int pemSz; /* calculate PEM size */ @@ -2133,10 +2137,15 @@ static wc_test_ret_t _SaveDerAndPem(const byte* der, int derSz, if (pemSz < 0) { return WC_TEST_RET_ENC(calling_line, 2, WC_TEST_RET_TAG_I); } + #ifndef WOLFSSL_NO_MALLOC pem = (byte*)XMALLOC(pemSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (pem == NULL) { return WC_TEST_RET_ENC(calling_line, 3, WC_TEST_RET_TAG_I); } + #else + if (pemSz > (int)sizeof(pem)) + return BAD_FUNC_ARG; + #endif /* Convert to PEM */ pemSz = wc_DerToPem(der, derSz, pem, pemSz, pemType); if (pemSz < 0) { @@ -18987,7 +18996,11 @@ static wc_test_ret_t rsa_keygen_test(WC_RNG* rng) RsaKey genKey[1]; #endif wc_test_ret_t ret; +#ifndef WOLFSSL_NO_MALLOC byte* der = NULL; +#else + byte der[FOURK_BUF]; +#endif #ifndef WOLFSSL_CRYPTOCELL word32 idx = 0; #endif @@ -19032,11 +19045,12 @@ static wc_test_ret_t rsa_keygen_test(WC_RNG* rng) if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa); #endif +#ifndef WOLFSSL_NO_MALLOC der = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (der == NULL) { ERROR_OUT(WC_TEST_RET_ENC_ERRNO, exit_rsa); } - +#endif derSz = wc_RsaKeyToDer(genKey, der, FOURK_BUF); if (derSz < 0) { ERROR_OUT(WC_TEST_RET_ENC_EC(derSz), exit_rsa); @@ -19072,10 +19086,12 @@ exit_rsa: wc_FreeRsaKey(genKey); #endif +#ifndef WOLFSSL_NO_MALLOC if (der != NULL) { XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); der = NULL; } +#endif return ret; } From 76ac4fa7e3d96e20f167ade88a93e3c8ec177e2c Mon Sep 17 00:00:00 2001 From: John Bland Date: Tue, 26 Mar 2024 05:58:59 -0400 Subject: [PATCH 07/16] add github workflow to test no malloc --- .github/workflows/no-malloc.yml | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 .github/workflows/no-malloc.yml diff --git a/.github/workflows/no-malloc.yml b/.github/workflows/no-malloc.yml new file mode 100644 index 000000000..dc1db23df --- /dev/null +++ b/.github/workflows/no-malloc.yml @@ -0,0 +1,33 @@ +name: No Malloc Tests + +on: + workflow_call: + +jobs: + make_check: + strategy: + matrix: + config: [ + # Add new configs here + '--enable-rsa --enable-keygen --disable-dh', + 'CFLAGS=-DWOLFSSL_NO_MALLOC', + ] + name: make check + runs-on: ubuntu-latest + # This should be a safe limit for the tests to run. + timeout-minutes: 6 + steps: + - uses: actions/checkout@v4 + name: Checkout wolfSSL + + - name: Test wolfSSL + run: | + ./configure ${{ matrix.config }} + make check + + - name: Print errors + if: ${{ failure() }} + run: | + if [ -f test-suite.log ] ; then + cat test-suite.log + fi From 71e52487bfb2dc87060a8712f43f2978e530d4d0 Mon Sep 17 00:00:00 2001 From: John Bland Date: Thu, 28 Mar 2024 02:55:31 -0400 Subject: [PATCH 08/16] add no malloc to main workflows file --- .github/workflows/main.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 5476bc601..cd9f1d6ab 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -52,4 +52,5 @@ jobs: # uses: ./.github/workflows/haproxy.yml ocsp: uses: ./.github/workflows/ocsp.yml - + no-malloc: + uses: ./.github/workflows/no-malloc.yml From 30189e57661add998e2ad3d536d953b6c4fad508 Mon Sep 17 00:00:00 2001 From: John Bland Date: Tue, 26 Mar 2024 06:11:38 -0400 Subject: [PATCH 09/16] add autogen.sh to workflow --- .github/workflows/no-malloc.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/no-malloc.yml b/.github/workflows/no-malloc.yml index dc1db23df..dc29c6fe9 100644 --- a/.github/workflows/no-malloc.yml +++ b/.github/workflows/no-malloc.yml @@ -22,6 +22,7 @@ jobs: - name: Test wolfSSL run: | + ./autogen.sh ./configure ${{ matrix.config }} make check From f63501f03534b4c686cfa7a66816a2b61bb86239 Mon Sep 17 00:00:00 2001 From: John Bland Date: Tue, 26 Mar 2024 06:14:07 -0400 Subject: [PATCH 10/16] fix bad CFLAGS --- .github/workflows/no-malloc.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/no-malloc.yml b/.github/workflows/no-malloc.yml index dc29c6fe9..3b5a9afd6 100644 --- a/.github/workflows/no-malloc.yml +++ b/.github/workflows/no-malloc.yml @@ -10,7 +10,7 @@ jobs: config: [ # Add new configs here '--enable-rsa --enable-keygen --disable-dh', - 'CFLAGS=-DWOLFSSL_NO_MALLOC', + 'CFLAGS="-DWOLFSSL_NO_MALLOC"', ] name: make check runs-on: ubuntu-latest From 6272465c44ead5664e5dcd476a859d2e81e1b07a Mon Sep 17 00:00:00 2001 From: John Bland Date: Tue, 26 Mar 2024 06:24:26 -0400 Subject: [PATCH 11/16] use only one matrix index --- .github/workflows/no-malloc.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/no-malloc.yml b/.github/workflows/no-malloc.yml index 3b5a9afd6..1a7870aed 100644 --- a/.github/workflows/no-malloc.yml +++ b/.github/workflows/no-malloc.yml @@ -9,8 +9,7 @@ jobs: matrix: config: [ # Add new configs here - '--enable-rsa --enable-keygen --disable-dh', - 'CFLAGS="-DWOLFSSL_NO_MALLOC"', + '--enable-rsa --enable-keygen --disable-dh CFLAGS="-DWOLFSSL_NO_MALLOC"', ] name: make check runs-on: ubuntu-latest From 04db5baaa16c1467b9e09c1a64acef8cc143204b Mon Sep 17 00:00:00 2001 From: John Bland Date: Tue, 26 Mar 2024 06:28:05 -0400 Subject: [PATCH 12/16] test wolfcrypt only --- .github/workflows/no-malloc.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/no-malloc.yml b/.github/workflows/no-malloc.yml index 1a7870aed..bcf3dfdaf 100644 --- a/.github/workflows/no-malloc.yml +++ b/.github/workflows/no-malloc.yml @@ -23,7 +23,7 @@ jobs: run: | ./autogen.sh ./configure ${{ matrix.config }} - make check + ./wolfcrypt/test/testwolfcrypt - name: Print errors if: ${{ failure() }} From 254eb23443159df53cea21a06b06b7e2ae32fdc2 Mon Sep 17 00:00:00 2001 From: John Bland Date: Tue, 26 Mar 2024 06:30:28 -0400 Subject: [PATCH 13/16] add missing make call --- .github/workflows/no-malloc.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/no-malloc.yml b/.github/workflows/no-malloc.yml index bcf3dfdaf..70360fee6 100644 --- a/.github/workflows/no-malloc.yml +++ b/.github/workflows/no-malloc.yml @@ -23,6 +23,7 @@ jobs: run: | ./autogen.sh ./configure ${{ matrix.config }} + make ./wolfcrypt/test/testwolfcrypt - name: Print errors From 6cc32e90b067a4f5fac6a37b97bdee6492c5abfe Mon Sep 17 00:00:00 2001 From: John Bland Date: Thu, 28 Mar 2024 03:01:46 -0400 Subject: [PATCH 14/16] trim down buffer size --- wolfcrypt/test/test.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index dc2dd0d53..dcd2b2e4b 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -2128,7 +2128,7 @@ static wc_test_ret_t _SaveDerAndPem(const byte* der, int derSz, #ifndef WOLFSSL_NO_MALLOC byte* pem; #else - byte pem[FOURK_BUF]; + byte pem[1024]; #endif int pemSz; From 7c0423eb657bb4a68f7d076e8d2f13309034ee82 Mon Sep 17 00:00:00 2001 From: John Bland Date: Thu, 28 Mar 2024 12:56:26 -0400 Subject: [PATCH 15/16] reduce der buffer size --- wolfcrypt/test/test.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index dcd2b2e4b..632873be7 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -18999,7 +18999,7 @@ static wc_test_ret_t rsa_keygen_test(WC_RNG* rng) #ifndef WOLFSSL_NO_MALLOC byte* der = NULL; #else - byte der[FOURK_BUF]; + byte der[1024]; #endif #ifndef WOLFSSL_CRYPTOCELL word32 idx = 0; From d8e9e90f9df49ed6cffc49576f6ae8cb56107490 Mon Sep 17 00:00:00 2001 From: John Bland Date: Sat, 30 Mar 2024 02:12:32 -0400 Subject: [PATCH 16/16] refactor rawLen to avoid unused warning --- wolfcrypt/src/asn.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 23bf29ae7..3d80e8708 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -25938,13 +25938,13 @@ int wc_RsaKeyToDer(RsaKey* key, byte* output, word32 inLen) #ifndef WOLFSSL_ASN_TEMPLATE int ret = 0, i; int mpSz; - word32 rawLen; word32 seqSz = 0, verSz = 0, intTotalLen = 0, outLen = 0; word32 sizes[RSA_INTS]; byte seq[MAX_SEQ_SZ]; byte ver[MAX_VERSION_SZ]; mp_int* keyInt; #ifndef WOLFSSL_NO_MALLOC + word32 rawLen; byte* tmps[RSA_INTS]; #endif @@ -25965,9 +25965,9 @@ int wc_RsaKeyToDer(RsaKey* key, byte* output, word32 inLen) ret = mp_unsigned_bin_size(keyInt); if (ret < 0) break; +#ifndef WOLFSSL_NO_MALLOC rawLen = (word32)ret + 1; ret = 0; -#ifndef WOLFSSL_NO_MALLOC if (output != NULL) { tmps[i] = (byte*)XMALLOC(rawLen + MAX_SEQ_SZ, key->heap, DYNAMIC_TYPE_RSA); @@ -25978,6 +25978,7 @@ int wc_RsaKeyToDer(RsaKey* key, byte* output, word32 inLen) } mpSz = SetASNIntMP(keyInt, MAX_RSA_INT_SZ, tmps[i]); #else + ret = 0; mpSz = SetASNIntMP(keyInt, MAX_RSA_INT_SZ, NULL); #endif if (mpSz < 0) {