diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c index 797bdeb1e..05b683d49 100644 --- a/wolfcrypt/src/ecc.c +++ b/wolfcrypt/src/ecc.c @@ -9323,16 +9323,31 @@ static int accel_fp_mul(int idx, mp_int* k, ecc_point *R, mp_int* a, #ifdef WOLFSSL_SMALL_STACK unsigned char* kb = NULL; + mp_int* tk = NULL; + mp_int* order = NULL; #else unsigned char kb[KB_SIZE]; + mp_int tk[1]; + mp_int order[1]; #endif int x, err; unsigned y, z = 0, bitlen, bitpos, lut_gap; int first; - mp_int tk, order; - if (mp_init_multi(&tk, &order, NULL, NULL, NULL, NULL) != MP_OKAY) - return MP_INIT_E; +#ifdef WOLFSSL_SMALL_STACK + tk = (mp_int*)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_ECC); + if (tk == NULL) { + err = MEMORY_E; goto done; + } + order = (mp_int*)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_ECC); + if (order == NULL) { + err = MEMORY_E; goto done; + } +#endif + + if (mp_init_multi(tk, order, NULL, NULL, NULL, NULL) != MP_OKAY) { + err = MP_INIT_E; goto done; + } /* if it's smaller than modulus we fine */ if (mp_unsigned_bin_size(k) > mp_unsigned_bin_size(modulus)) { @@ -9345,23 +9360,23 @@ static int accel_fp_mul(int idx, mp_int* k, ecc_point *R, mp_int* a, /* back off if we are on the 521 bit curve */ if (y == 66) --x; - if ((err = mp_read_radix(&order, ecc_sets[x].order, + if ((err = mp_read_radix(order, ecc_sets[x].order, MP_RADIX_HEX)) != MP_OKAY) { goto done; } /* k must be less than modulus */ - if (mp_cmp(k, &order) != MP_LT) { - if ((err = mp_mod(k, &order, &tk)) != MP_OKAY) { + if (mp_cmp(k, order) != MP_LT) { + if ((err = mp_mod(k, order, tk)) != MP_OKAY) { goto done; } } else { - if ((err = mp_copy(k, &tk)) != MP_OKAY) { + if ((err = mp_copy(k, tk)) != MP_OKAY) { goto done; } } } else { - if ((err = mp_copy(k, &tk)) != MP_OKAY) { + if ((err = mp_copy(k, tk)) != MP_OKAY) { goto done; } } 
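Review bot: In the WOLFSSL_SMALL_STACK branch of accel_fp_mul, every failure before `mp_init_multi` succeeds now jumps to `done`, where `mp_clear(order)` and `mp_clear(tk)` run on pointers that are either NULL or point at freshly allocated, uninitialized memory (for example when `tk` is allocated and the `order` allocation fails). Whether `mp_clear` tolerates that depends on the math backend, which is not visible here; a backend that releases an internal digit pointer would act on garbage. A flag keeps the cleanup safe: declare `int inited = 0;`, set `inited = 1;` once `mp_init_multi` returns MP_OKAY, and guard the cleanup with `if (inited) { mp_clear(order); mp_clear(tk); }`. The allocation hunk of accel_fp_mul2add has the same pattern for `tka`, `tkb` and `order`; both function bodies continue outside their hunks.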
@@ -9375,7 +9390,7 @@ static int accel_fp_mul(int idx, mp_int* k, ecc_point *R, mp_int* a, lut_gap = bitlen / FP_LUT; /* get the k value */ - if (mp_unsigned_bin_size(&tk) > (int)(KB_SIZE - 2)) { + if (mp_unsigned_bin_size(tk) > (int)(KB_SIZE - 2)) { err = BUFFER_E; goto done; } @@ -9388,10 +9403,10 @@ static int accel_fp_mul(int idx, mp_int* k, ecc_point *R, mp_int* a, #endif XMEMSET(kb, 0, KB_SIZE); - if ((err = mp_to_unsigned_bin(&tk, kb)) == MP_OKAY) { + if ((err = mp_to_unsigned_bin(tk, kb)) == MP_OKAY) { /* let's reverse kb so it's little endian */ x = 0; - y = mp_unsigned_bin_size(&tk); + y = mp_unsigned_bin_size(tk); if (y > 0) { y -= 1; } @@ -9453,11 +9468,13 @@ static int accel_fp_mul(int idx, mp_int* k, ecc_point *R, mp_int* a, done: /* cleanup */ - mp_clear(&order); - mp_clear(&tk); + mp_clear(order); + mp_clear(tk); #ifdef WOLFSSL_SMALL_STACK XFREE(kb, NULL, DYNAMIC_TYPE_ECC_BUFFER); + XFREE(order, NULL, DYNAMIC_TYPE_ECC_BUFFER); + XFREE(tk, NULL, DYNAMIC_TYPE_ECC_BUFFER); #endif #undef KB_SIZE 
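Review bot: The new `XFREE(order, ...)` and `XFREE(tk, ...)` calls at `done:` pass `DYNAMIC_TYPE_ECC_BUFFER`, but both objects were allocated with `DYNAMIC_TYPE_ECC`; the free should use the allocation's type, e.g. `XFREE(tk, NULL, DYNAMIC_TYPE_ECC);`, so memory tracking stays consistent. The cleanup hunk of accel_fp_mul2add has the same mismatch for `order`, `tkb` and `tka`. Separately, `tk` holds a copy of the scalar `k` and under small-stack now lives on the heap. If `mp_clear` does not wipe the digits in the configured backend (not visible here), calling `mp_forcezero(tk);` on the initialized value before the free would avoid leaving it in released memory.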
@@ -9478,16 +9495,37 @@ static int accel_fp_mul2add(int idx1, int idx2, #ifdef WOLFSSL_SMALL_STACK unsigned char* kb[2] = {NULL, NULL}; + mp_int* tka = NULL; + mp_int* tkb = NULL; + mp_int* order = NULL; #else unsigned char kb[2][KB_SIZE]; + mp_int tka[1]; + mp_int tkb[1]; + mp_int order[1]; #endif int x, err; unsigned y, z, bitlen, bitpos, lut_gap, zA, zB; int first; - mp_int tka, tkb, order; - if (mp_init_multi(&tka, &tkb, &order, NULL, NULL, NULL) != MP_OKAY) - return MP_INIT_E; +#ifdef WOLFSSL_SMALL_STACK + tka = (mp_int*)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_ECC); + if (tka == NULL) { + err = MEMORY_E; goto done; + } + tkb = (mp_int*)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_ECC); + if (tkb == NULL) { + err = MEMORY_E; goto done; + } + order = (mp_int*)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_ECC); + if (order == NULL) { + err = MEMORY_E; goto done; + } +#endif + + if (mp_init_multi(tka, tkb, order, NULL, NULL, NULL) != MP_OKAY) { + err = MP_INIT_E; goto done; + } /* if it's smaller than modulus we fine */ if (mp_unsigned_bin_size(kA) > mp_unsigned_bin_size(modulus)) { @@ -9500,23 +9538,23 @@ static int accel_fp_mul2add(int idx1, int idx2, /* back off if we are on the 521 bit curve */ if (y == 66) --x; - if ((err = mp_read_radix(&order, ecc_sets[x].order, + if ((err = mp_read_radix(order, ecc_sets[x].order, MP_RADIX_HEX)) != MP_OKAY) { goto done; } /* kA must be less than modulus */ - if (mp_cmp(kA, &order) != MP_LT) { - if ((err = mp_mod(kA, &order, &tka)) != MP_OKAY) { + if (mp_cmp(kA, order) != MP_LT) { + if ((err = mp_mod(kA, order, tka)) != MP_OKAY) { goto done; } } else { - if ((err = mp_copy(kA, &tka)) != MP_OKAY) { + if ((err = mp_copy(kA, tka)) != MP_OKAY) { goto done; } } } else { - if ((err = mp_copy(kA, &tka)) != MP_OKAY) { + if ((err = mp_copy(kA, tka)) != MP_OKAY) { goto done; } } 
@@ -9532,23 +9570,23 @@ static int accel_fp_mul2add(int idx1, int idx2, /* back off if we are on the 521 bit curve */ if (y == 66) --x; - if ((err = mp_read_radix(&order, ecc_sets[x].order, + if ((err = mp_read_radix(order, ecc_sets[x].order, MP_RADIX_HEX)) != MP_OKAY) { goto done; } /* kB must be less than modulus */ - if (mp_cmp(kB, &order) != MP_LT) { - if ((err = mp_mod(kB, &order, &tkb)) != MP_OKAY) { + if (mp_cmp(kB, order) != MP_LT) { + if ((err = mp_mod(kB, order, tkb)) != MP_OKAY) { goto done; } } else { - if ((err = mp_copy(kB, &tkb)) != MP_OKAY) { + if ((err = mp_copy(kB, tkb)) != MP_OKAY) { goto done; } } } else { - if ((err = mp_copy(kB, &tkb)) != MP_OKAY) { + if ((err = mp_copy(kB, tkb)) != MP_OKAY) { goto done; } } @@ -9562,8 +9600,8 @@ static int accel_fp_mul2add(int idx1, int idx2, lut_gap = bitlen / FP_LUT; /* get the k value */ - if ((mp_unsigned_bin_size(&tka) > (int)(KB_SIZE - 2)) || - (mp_unsigned_bin_size(&tkb) > (int)(KB_SIZE - 2)) ) { + if ((mp_unsigned_bin_size(tka) > (int)(KB_SIZE - 2)) || + (mp_unsigned_bin_size(tkb) > (int)(KB_SIZE - 2)) ) { err = BUFFER_E; goto done; } @@ -9576,17 +9614,17 @@ static int accel_fp_mul2add(int idx1, int idx2, #endif XMEMSET(kb[0], 0, KB_SIZE); - if ((err = mp_to_unsigned_bin(&tka, kb[0])) != MP_OKAY) { + if ((err = mp_to_unsigned_bin(tka, kb[0])) != MP_OKAY) { goto done; } /* let's reverse kb so it's little endian */ x = 0; - y = mp_unsigned_bin_size(&tka); + y = mp_unsigned_bin_size(tka); if (y > 0) { y -= 1; } - mp_clear(&tka); + mp_clear(tka); while ((unsigned)x < y) { z = kb[0][x]; kb[0][x] = kb[0][y]; kb[0][y] = (byte)z; ++x; --y; @@ -9601,9 +9639,9 @@ static int accel_fp_mul2add(int idx1, int idx2, #endif XMEMSET(kb[1], 0, KB_SIZE); - if ((err = mp_to_unsigned_bin(&tkb, kb[1])) == MP_OKAY) { + if ((err = mp_to_unsigned_bin(tkb, kb[1])) == MP_OKAY) { x = 0; - y = mp_unsigned_bin_size(&tkb); + y = mp_unsigned_bin_size(tkb); if (y > 0) { y -= 1; } 
@@ -9682,9 +9720,9 @@ static int accel_fp_mul2add(int idx1, int idx2, done: /* cleanup */ - mp_clear(&tkb); - mp_clear(&tka); - mp_clear(&order); + mp_clear(tkb); + mp_clear(tka); + mp_clear(order); #ifdef WOLFSSL_SMALL_STACK if (kb[0]) @@ -9696,8 +9734,11 @@ done: ForceZero(kb[1], KB_SIZE); #ifdef WOLFSSL_SMALL_STACK - XFREE(kb[0], NULL, DYNAMIC_TYPE_ECC_BUFFER); XFREE(kb[1], NULL, DYNAMIC_TYPE_ECC_BUFFER); + XFREE(kb[0], NULL, DYNAMIC_TYPE_ECC_BUFFER); + XFREE(order, NULL, DYNAMIC_TYPE_ECC_BUFFER); + XFREE(tkb, NULL, DYNAMIC_TYPE_ECC_BUFFER); + XFREE(tka, NULL, DYNAMIC_TYPE_ECC_BUFFER); #endif #undef KB_SIZE diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c index bb560b1b0..c6ff83bcd 100644 --- a/wolfcrypt/src/pkcs7.c +++ b/wolfcrypt/src/pkcs7.c 
@@ -509,38 +509,38 @@ static void wc_PKCS7_ChangeState(PKCS7* pkcs7, int newState) static int wc_SetContentType(int pkcs7TypeOID, byte* output, word32 outputSz) { /* PKCS#7 content types, RFC 2315, section 14 */ - const byte pkcs7[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, - 0x0D, 0x01, 0x07 }; - const byte data[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, - 0x0D, 0x01, 0x07, 0x01 }; - const byte signedData[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, - 0x0D, 0x01, 0x07, 0x02}; - const byte envelopedData[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, - 0x0D, 0x01, 0x07, 0x03 }; - const byte authEnvelopedData[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, - 0x0D, 0x01, 0x09, 0x10, 0x01, 0x17}; - const byte signedAndEnveloped[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, - 0x0D, 0x01, 0x07, 0x04 }; - const byte digestedData[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, - 0x0D, 0x01, 0x07, 0x05 }; + static const byte pkcs7[] = + { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07 }; + static const byte data[] = + { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x01 }; + static const byte signedData[] = + { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x02}; + static const byte envelopedData[] = + { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x03 }; + static const byte authEnvelopedData[] = + { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x10, 0x01, 0x17}; + static const byte signedAndEnveloped[] = + { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x04 }; + static const byte digestedData[] = + { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x05 }; #ifndef NO_PKCS7_ENCRYPTED_DATA - const byte encryptedData[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, - 0x0D, 0x01, 0x07, 0x06 }; + static const byte encryptedData[] = + { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x06 }; #endif /* FirmwarePkgData (1.2.840.113549.1.9.16.1.16), RFC 4108 */ - const byte firmwarePkgData[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, - 0x01, 0x09, 0x10, 0x01, 0x10 }; + static const byte firmwarePkgData[] = + { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 
0x09, 0x10, 0x01, 0x10 }; #if defined(HAVE_LIBZ) && !defined(NO_PKCS7_COMPRESSED_DATA) /* id-ct-compressedData (1.2.840.113549.1.9.16.1.9), RFC 3274 */ - const byte compressedData[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, - 0x01, 0x09, 0x10, 0x01, 0x09 }; + static const byte compressedData[] = + { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x10, 0x01, 0x09 }; #endif #if !defined(NO_PWDBASED) && !defined(NO_SHA) - const byte pwriKek[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, - 0x01, 0x09, 0x10, 0x03, 0x09 }; - const byte pbkdf2[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, - 0x01, 0x05, 0x0C }; + static const byte pwriKek[] = + { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x10, 0x03, 0x09 }; + static const byte pbkdf2[] = + { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x05, 0x0C }; #endif int idSz, idx = 0; diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 3d1db9f1f..0f76202b4 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -26636,7 +26636,7 @@ static int myDecryptionFunc(PKCS7* pkcs7, int encryptOID, byte* iv, int ivSz, /* looking for KEY ID * fwDecryptKeyID OID "1.2.840.113549.1.9.16.2.37 */ - const unsigned char OID[] = { + static const unsigned char OID[] = { /* 0x06, 0x0B do not pass in tag and length */ 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x10, 0x02, 0x25 @@ -28829,7 +28829,7 @@ static int pkcs7signed_run_vectors( static byte messageType[] = { 0x13, 2, '1', '9' }; static byte senderNonce[PKCS7_NONCE_SZ + 2]; - PKCS7Attrib attribs[] = + static PKCS7Attrib attribs[] = { { transIdOid, sizeof(transIdOid), transId, sizeof(transId) - 1 }, /* take off the null */ 
@@ -28840,9 +28840,9 @@ static int pkcs7signed_run_vectors( }; /* for testing custom contentType, FirmwarePkgData */ - byte customContentType[] = { 0x06, 0x0B, 0x2A, 0x86, - 0x48, 0x86, 0xF7, 0x0D, - 0x01, 0x09, 0x10, 0x01, 0x10 }; + static byte customContentType[] = { 0x06, 0x0B, 0x2A, 0x86, + 0x48, 0x86, 0xF7, 0x0D, + 0x01, 0x09, 0x10, 0x01, 0x10 }; const pkcs7SignedVector testVectors[] = { @@ -29316,7 +29316,7 @@ static int pkcs7signed_run_SingleShotVectors( }; #if defined(WOLFSSL_AES_256) && !defined(NO_PKCS7_ENCRYPTED_DATA) - byte aes256Key[] = { + static byte aes256Key[] = { 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08, 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08, 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08, diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h index 95a95e122..b463d22a3 100644 --- a/wolfssl/wolfcrypt/settings.h +++ b/wolfssl/wolfcrypt/settings.h @@ -1219,6 +1219,8 @@ extern void uITRON4_free(void *p) ; #define USE_CERT_BUFFERS_4096 #undef FP_MAX_BITS #define FP_MAX_BITS (8192) + #undef SP_INT_BITS + #define SP_INT_BITS (4096) #undef NO_DH #define NO_DH @@ -1970,6 +1972,11 @@ extern void uITRON4_free(void *p) ; #error "FFDHE parameters are too large for FP_MAX_BIT as set" #endif #endif +#if defined(HAVE_FFDHE) && defined(SP_INT_BITS) + #if MIN_FFDHE_FP_MAX_BITS > SP_INT_BITS * 2 + #error "FFDHE parameters are too large for SP_INT_BIT as set" + #endif +#endif /* if desktop type system and fastmath increase default max bits */ #ifdef WOLFSSL_X86_64_BUILD @@ -1980,6 +1987,13 @@ extern void uITRON4_free(void *p) ; #define FP_MAX_BITS MIN_FFDHE_FP_MAX_BITS #endif #endif + #if defined(WOLFSSL_SP_MATH_ALL) && !defined(SP_INT_BITS) + #if MIN_FFDHE_FP_MAX_BITS <= 8192 + #define SP_INT_BITS 4096 + #else + #define PS_INT_BITS MIN_FFDHE_FP_MAX_BITS / 2 + #endif + #endif #endif /* If using the max strength build, ensure OLD TLS is disabled. */
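Review bot: The `#else` branch of the new WOLFSSL_SP_MATH_ALL default defines `PS_INT_BITS`, not `SP_INT_BITS`, so when `MIN_FFDHE_FP_MAX_BITS` exceeds 8192 the macro this block is meant to set stays undefined. Whatever default applies elsewhere is then used, and it may be too small for the configured FFDHE group. The value is also unparenthesized, so it would expand incorrectly inside a larger expression. Suggested line: `#define SP_INT_BITS (MIN_FFDHE_FP_MAX_BITS / 2)`. The `#error` text added in the preceding hunk says `SP_INT_BIT` where `SP_INT_BITS` is meant.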