Regression fixes: more configurations

./configure --disable-rsa --disable-ecc --disable-dh --enable-curve25519
&& make
./configure --disable-aescbc --disable-chacha --disable-poly1305
--disable-coding && make
Sean Parkinson
2021-06-25 12:47:03 +10:00
parent 8592053856
commit dab6724059
6 changed files with 45 additions and 17 deletions


@ -14240,7 +14240,7 @@ static WC_INLINE void AeadIncrementExpIV(WOLFSSL* ssl)
#endif #endif
#if defined(HAVE_POLY1305) && defined(HAVE_CHACHA) #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) && !defined(NO_CHAPOL_AEAD)
/* Used for the older version of creating AEAD tags with Poly1305 */ /* Used for the older version of creating AEAD tags with Poly1305 */
static int Poly1305TagOld(WOLFSSL* ssl, byte* additional, const byte* out, static int Poly1305TagOld(WOLFSSL* ssl, byte* additional, const byte* out,
byte* cipher, word16 sz, byte* tag) byte* cipher, word16 sz, byte* tag)
@ -14630,7 +14630,7 @@ static int ChachaAEADDecrypt(WOLFSSL* ssl, byte* plain, const byte* input,
return ret; return ret;
} }
#endif /* HAVE_CHACHA && HAVE_POLY1305 */ #endif /* HAVE_CHACHA && HAVE_POLY1305 && !NO_CHAPOL_AEAD*/
#endif /* HAVE_AEAD */ #endif /* HAVE_AEAD */
@ -14814,7 +14814,8 @@ static WC_INLINE int EncryptDo(WOLFSSL* ssl, byte* out, const byte* input,
break; break;
#endif #endif
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) && \
!defined(NO_CHAPOL_AEAD)
case wolfssl_chacha: case wolfssl_chacha:
ret = ChachaAEADEncrypt(ssl, out, input, sz); ret = ChachaAEADEncrypt(ssl, out, input, sz);
break; break;
@ -15085,7 +15086,8 @@ static WC_INLINE int DecryptDo(WOLFSSL* ssl, byte* plain, const byte* input,
break; break;
#endif #endif
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) && \
!defined(NO_CHAPOL_AEAD)
case wolfssl_chacha: case wolfssl_chacha:
ret = ChachaAEADDecrypt(ssl, plain, input, sz); ret = ChachaAEADDecrypt(ssl, plain, input, sz);
break; break;
@ -20451,9 +20453,14 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
int i; int i;
word32 length; word32 length;
next = XSTRSTR(next, ":"); next = XSTRSTR(next, ":");
length = min(sizeof(name), !next ? (word32)XSTRLEN(current) /* last */ length = MAX_SUITE_NAME + 1;
: (word32)(next - current)); if (next != NULL) {
word32 currLen = (word32)(next - current);
if (length > currLen) {
length = currLen;
}
}
XSTRNCPY(name, current, length); XSTRNCPY(name, current, length);
name[(length == sizeof(name)) ? length - 1 : length] = 0; name[(length == sizeof(name)) ? length - 1 : length] = 0;
@ -26572,8 +26579,10 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
case ecdhe_psk_kea: case ecdhe_psk_kea:
/* Fall through to create temp ECC key */ /* Fall through to create temp ECC key */
#endif /* (HAVE_ECC || CURVE25519 || CURVE448) && !NO_PSK */ #endif /* (HAVE_ECC || CURVE25519 || CURVE448) && !NO_PSK */
#if defined(HAVE_ECC) || defined(HAVE_CURVE25519) || \ #if defined(HAVE_ECC) || \
defined(HAVE_CURVE448) ((defined(HAVE_CURVE25519) || defined(HAVE_CURVE448)) && \
(defined(HAVE_ED25519) || defined(HAVE_ED448) || \
!defined(NO_RSA)))
case ecc_diffie_hellman_kea: case ecc_diffie_hellman_kea:
{ {
#ifdef HAVE_CURVE25519 #ifdef HAVE_CURVE25519
@ -26661,7 +26670,8 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
case TLS_ASYNC_BUILD: case TLS_ASYNC_BUILD:
{ {
#if (!defined(NO_DH) && !defined(NO_RSA)) || (defined(HAVE_ECC) || \ #if (!defined(NO_DH) && !defined(NO_RSA)) || (defined(HAVE_ECC) || \
defined(HAVE_CURVE25519) || defined(HAVE_CURVE448)) (defined(HAVE_CURVE25519) && defined(HAVE_ED25519)) || \
(defined(HAVE_CURVE448) && defined(HAVE_ED448)))
word32 preSigSz, preSigIdx; word32 preSigSz, preSigIdx;
#endif #endif
@ -26918,8 +26928,10 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
break; break;
} }
#endif /* (HAVE_ECC || CURVE25519 || CURVE448) && !NO_PSK */ #endif /* (HAVE_ECC || CURVE25519 || CURVE448) && !NO_PSK */
#if defined(HAVE_ECC) || defined(HAVE_CURVE25519) || \ #if defined(HAVE_ECC) || \
defined(HAVE_CURVE448) ((defined(HAVE_CURVE25519) || defined(HAVE_CURVE448)) && \
(defined(HAVE_ED25519) || defined(HAVE_ED448) || \
!defined(NO_RSA)))
case ecc_diffie_hellman_kea: case ecc_diffie_hellman_kea:
{ {
enum wc_HashType hashType; enum wc_HashType hashType;
@ -26963,7 +26975,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
args->exportBuf, &args->exportSz) != 0) { args->exportBuf, &args->exportSz) != 0) {
ERROR_OUT(ECC_EXPORT_ERROR, exit_sske); ERROR_OUT(ECC_EXPORT_ERROR, exit_sske);
} }
#endif #endif
} }
args->length += args->exportSz; args->length += args->exportSz;
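Review bot: In the SetCipherList hunk the copy bound is now the literal `MAX_SUITE_NAME + 1`, while the terminator line right after it still tests `length == sizeof(name)`, so the bound is no longer tied to the buffer it protects. The declaration of `name` is outside the hunk; if it is ever sized differently, `XSTRNCPY(name, current, length)` can write past the array, and the `list` string is supplied by the caller. I would write `length = (word32)sizeof(name);` so that the clamp and the terminator both derive from the same object. The enclosing loop starts and ends outside the hunk.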


@ -2273,7 +2273,7 @@ static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs,
#endif /* BUILD_ARC4 */ #endif /* BUILD_ARC4 */
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) && !defined(NO_CHAPOL_AEAD)
/* Check that the max implicit iv size is suffecient */ /* Check that the max implicit iv size is suffecient */
#if (AEAD_MAX_IMP_SZ < 12) /* CHACHA20_IMP_IV_SZ */ #if (AEAD_MAX_IMP_SZ < 12) /* CHACHA20_IMP_IV_SZ */
#error AEAD_MAX_IMP_SZ is too small for ChaCha20 #error AEAD_MAX_IMP_SZ is too small for ChaCha20


@ -6762,8 +6762,10 @@ int ProcessFile(WOLFSSL_CTX* ctx, const char* fname, int format, int type,
long sz = 0; long sz = 0;
XFILE file; XFILE file;
void* heapHint = wolfSSL_CTX_GetHeap(ctx, ssl); void* heapHint = wolfSSL_CTX_GetHeap(ctx, ssl);
#ifndef NO_CODING
const char* header = NULL; const char* header = NULL;
const char* footer = NULL; const char* footer = NULL;
#endif
(void)crl; (void)crl;
(void)heapHint; (void)heapHint;
@ -6800,6 +6802,7 @@ int ProcessFile(WOLFSSL_CTX* ctx, const char* fname, int format, int type,
else { else {
/* Try to detect type by parsing cert header and footer */ /* Try to detect type by parsing cert header and footer */
if (type == DETECT_CERT_TYPE) { if (type == DETECT_CERT_TYPE) {
#ifndef NO_CODING
if (wc_PemGetHeaderFooter(CA_TYPE, &header, &footer) == 0 && if (wc_PemGetHeaderFooter(CA_TYPE, &header, &footer) == 0 &&
(XSTRNSTR((char*)myBuffer, header, (int)sz) != NULL)) { (XSTRNSTR((char*)myBuffer, header, (int)sz) != NULL)) {
type = CA_TYPE; type = CA_TYPE;
@ -6814,7 +6817,9 @@ int ProcessFile(WOLFSSL_CTX* ctx, const char* fname, int format, int type,
(XSTRNSTR((char*)myBuffer, header, (int)sz) != NULL)) { (XSTRNSTR((char*)myBuffer, header, (int)sz) != NULL)) {
type = CERT_TYPE; type = CERT_TYPE;
} }
else { else
#endif
{
WOLFSSL_MSG("Failed to detect certificate type"); WOLFSSL_MSG("Failed to detect certificate type");
if (dynamic) if (dynamic)
XFREE(myBuffer, heapHint, DYNAMIC_TYPE_FILE); XFREE(myBuffer, heapHint, DYNAMIC_TYPE_FILE);
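Review bot: With NO_CODING defined, the `type == DETECT_CERT_TYPE` branch in ProcessFile compiles down to the bare failure block, so every auto-detect load fails with "Failed to detect certificate type" and nothing says that detection was compiled out. A comment above the new `#ifndef NO_CODING`, such as `/* wc_PemGetHeaderFooter checks are compiled out with NO_CODING; DETECT_CERT_TYPE then always fails below */`, would make the `else` / `#endif` / `{` sequence easier to follow. A distinct message for that build, for example `WOLFSSL_MSG("Certificate type detection not compiled in (NO_CODING)");`, would also help when triaging load failures. The function body continues outside the hunk.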


@ -6708,7 +6708,7 @@ static void test_wolfSSL_PKCS8(void)
XFILE f; XFILE f;
int bytes; int bytes;
WOLFSSL_CTX* ctx; WOLFSSL_CTX* ctx;
#ifdef HAVE_ECC #if defined(HAVE_ECC) && !defined(NO_CODING)
int ret; int ret;
ecc_key key; ecc_key key;
word32 x = 0; word32 x = 0;
@ -6725,6 +6725,8 @@ static void test_wolfSSL_PKCS8(void)
int flag; int flag;
#endif #endif
(void)der;
printf(testingFmt, "wolfSSL_PKCS8()"); printf(testingFmt, "wolfSSL_PKCS8()");
#ifndef NO_WOLFSSL_CLIENT #ifndef NO_WOLFSSL_CLIENT
@ -6854,6 +6856,7 @@ static void test_wolfSSL_PKCS8(void)
AssertIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes, AssertIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes,
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
#ifndef NO_CODING
/* decrypt PKCS8 PEM to key in DER format */ /* decrypt PKCS8 PEM to key in DER format */
AssertIntGT((bytes = wc_KeyPemToDer(buff, bytes, der, AssertIntGT((bytes = wc_KeyPemToDer(buff, bytes, der,
(word32)sizeof(der), NULL)), 0); (word32)sizeof(der), NULL)), 0);
@ -6863,6 +6866,7 @@ static void test_wolfSSL_PKCS8(void)
wc_ecc_free(&key); wc_ecc_free(&key);
} }
AssertIntEQ(ret, 0); AssertIntEQ(ret, 0);
#endif
/* Test PKCS8 DER ECC key no crypt */ /* Test PKCS8 DER ECC key no crypt */
f = XFOPEN(eccPkcs8PrivKeyDerFile, "rb"); f = XFOPEN(eccPkcs8PrivKeyDerFile, "rb");
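Review bot: The new `#ifndef NO_CODING` in test_wolfSSL_PKCS8 opens after the `wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes, WOLFSSL_FILETYPE_PEM)` assertion, so that PEM load is still expected to return WOLFSSL_SUCCESS in a NO_CODING build. Whether an outer guard already excludes it cannot be seen from this hunk; if none does, the guard should presumably open before that assertion instead. The test body starts and ends outside the hunk.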


@ -861,6 +861,13 @@
#endif #endif
#endif #endif
#if !defined(WOLFCRYPT_ONLY) && defined(NO_PSK) && \
(defined(NO_DH) || !defined(HAVE_ANON)) && \
defined(NO_RSA) && !defined(HAVE_ECC) && \
!defined(HAVE_ED25519) && !defined(HAVE_ED448)
#error "No cipher suites avaialble with this build"
#endif
#ifdef WOLFSSL_MULTICAST #ifdef WOLFSSL_MULTICAST
#if defined(HAVE_NULL_CIPHER) && !defined(NO_SHA256) #if defined(HAVE_NULL_CIPHER) && !defined(NO_SHA256)
#define BUILD_WDM_WITH_NULL_SHA256 #define BUILD_WDM_WITH_NULL_SHA256
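Review bot: The new `#error` text is misspelled ("avaialble"), which defeats a search of build logs for the message; it should read `#error "No cipher suites available with this build"`. The condition tests six feature macros at once, so a one-line comment above it, such as `/* a TLS build needs at least one of PSK, anonymous DH, RSA, ECC, Ed25519 or Ed448 */`, would tell whoever hits the error what to enable.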


@ -2322,7 +2322,7 @@ extern void uITRON4_free(void *p) ;
#endif #endif
/* support for disabling PEM to DER */ /* support for disabling PEM to DER */
#if !defined(WOLFSSL_NO_PEM) #if !defined(WOLFSSL_NO_PEM) && !defined(NO_CODING)
#undef WOLFSSL_PEM_TO_DER #undef WOLFSSL_PEM_TO_DER
#define WOLFSSL_PEM_TO_DER #define WOLFSSL_PEM_TO_DER
#endif #endif