Merge pull request #2111 from SparkiDev/ed25519_fixes_1

Various improvements for testing

configure.ac

@@ -1466,7 +1466,7 @@ fi
 if test "$ENABLED_ECC" = "yes"
 then
     AM_CFLAGS="$AM_CFLAGS -DHAVE_ECC -DTFM_ECC256"
-    if test "$ENABLED_ECC_SHAMIR" = "yes"
+    if test "$ENABLED_ECC_SHAMIR" = "yes" && test "$ENABLED_LOWRESOURCE" = "no"
     then
         AM_CFLAGS="$AM_CFLAGS -DECC_SHAMIR"
     fi
@@ -4202,6 +4202,10 @@ then
     then
         AC_MSG_ERROR([please use --enable-fastmath if enabling staticmemory.])
     fi
+    if test "$ENABLED_LOWRESOURCE" = "yes" && test "$ENABLED_RSA" = "no"
+    then
+        AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_STATIC_MEMORY_SMALL"
+    fi
 fi
 
 

examples/client/client.c

@@ -1304,7 +1304,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
     char resumeMsg[32] = "resuming wolfssl!\n";
 #endif
 
-    char reply[80];
+    char reply[128];
     int  msgSz = (int)XSTRLEN(msg);
     int  resumeSz = (int)XSTRLEN(resumeMsg);
 
@@ -3183,6 +3183,11 @@ exit:
     wolfAsync_DevClose(&devId);
 #endif
 
+#if defined(HAVE_ECC) && defined(FP_ECC) && defined(HAVE_THREAD_LS) \
+                                         && defined(HAVE_STACK_SIZE)
+    wc_ecc_fp_free();  /* free per thread cache */
+#endif
+
     /* There are use cases  when these assignments are not read. To avoid
      * potential confusion those warnings have been handled here.
      */

examples/server/server.c

@@ -2279,8 +2279,8 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
 
 exit:
 
-#if defined(NO_MAIN_DRIVER) && defined(HAVE_ECC) && defined(FP_ECC) \
-                            && defined(HAVE_THREAD_LS)
+#if defined(HAVE_ECC) && defined(FP_ECC) && defined(HAVE_THREAD_LS) \
+                      && (defined(NO_MAIN_DRIVER) || defined(HAVE_STACK_SIZE))
     wc_ecc_fp_free();  /* free per thread cache */
 #endif
 

gencertbuf.pl

@@ -37,8 +37,11 @@ my @fileList_ecc = (
 # ed25519 keys and certs
 # Used with HAVE_ED25519 define.
 my @fileList_ed = (
-        [ "./certs/ed25519/server-ed25519.der",    "server_ed25519_cert" ],
-        [ "./certs/ed25519/ca-ed25519.der",        "ca_ed25519_cert" ]
+        [ "./certs/ed25519/server-ed25519.der",     "server_ed25519_cert" ],
+        [ "./certs/ed25519/server-ed25519-key.der", "server_ed25519_key" ],
+        [ "./certs/ed25519/ca-ed25519.der",         "ca_ed25519_cert" ],
+        [ "./certs/ed25519/client-ed25519.der",     "client_ed25519_cert" ],
+        [ "./certs/ed25519/client-ed25519-key.der", "client_ed25519_key" ]
         );
 
 # 1024-bit certs/keys to be converted
@@ -223,14 +226,17 @@ sub file_to_hex {
     for (my $i = 0, my $j = 1; $i < $fileLen; $i++, $j++)
     {
         if ($j == 1) {
-            print OUT_FILE "\t";
+            print OUT_FILE "        ";
+        }
+        if ($j != 1) {
+            print OUT_FILE " ";
         }
         read($fp, $byte, 1) or die "Error reading $fileName";
         my $output = sprintf("0x%02X", ord($byte));
         print OUT_FILE $output;
 
         if ($i != ($fileLen - 1)) {
-            print OUT_FILE ", ";
+            print OUT_FILE ",";
         }
 
         if ($j == 10) {

tests/api.c

@@ -1284,11 +1284,16 @@ static void test_wolfSSL_SetTmpDH_file(void)
                 WOLFSSL_FILETYPE_PEM));
     AssertTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile,
                 WOLFSSL_FILETYPE_PEM));
-#else
+#elif defined(HAVE_ECC)
     AssertTrue(wolfSSL_CTX_use_certificate_file(ctx, eccCertFile,
                 WOLFSSL_FILETYPE_PEM));
     AssertTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, eccKeyFile,
                 WOLFSSL_FILETYPE_PEM));
+#elif defined(HAVE_ED25519)
+    AssertTrue(wolfSSL_CTX_use_certificate_file(ctx, edCertFile,
+                WOLFSSL_FILETYPE_PEM));
+    AssertTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, edKeyFile,
+                WOLFSSL_FILETYPE_PEM));
 #endif
     AssertNotNull(ssl = wolfSSL_new(ctx));
 
@@ -21587,9 +21592,11 @@ static void test_CheckCertSignature(void)
 #endif
 #endif
 
+#if !defined(NO_FILESYSTEM) && (!defined(NO_RSA) || defined(HAVE_ECC))
     (void)fp;
     (void)cert;
     (void)certSz;
+#endif
 
     wolfSSL_CertManagerFree(cm);
 #endif

tests/suites.c

@@ -193,6 +193,36 @@ static int IsValidCert(const char* line)
     return ret;
 }
 
+static int IsValidCA(const char* line)
+{
+    int ret = 1;
+#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
+    WOLFSSL_CTX* ctx;
+    size_t i;
+    const char* begin;
+    char cert[80];
+
+    begin = XSTRSTR(line, "-A ");
+    if (begin == NULL)
+        return 1;
+
+    begin += 3;
+    for (i = 0; i < sizeof(cert) - 1 && *begin != ' ' && *begin != '\0'; i++)
+        cert[i] = *(begin++);
+    cert[i] = '\0';
+
+    ctx = wolfSSL_CTX_new(wolfSSLv23_server_method_ex(NULL));
+    if (ctx == NULL)
+        return 0;
+    ret = wolfSSL_CTX_use_certificate_chain_file(ctx, cert) == WOLFSSL_SUCCESS;
+    wolfSSL_CTX_free(ctx);
+#endif /* !NO_FILESYSTEM && !NO_CERTS */
+
+    (void)line;
+
+    return ret;
+}
+
 static int execute_test_case(int svr_argc, char** svr_argv,
                              int cli_argc, char** cli_argv,
                              int addNoVerify, int addNonBlocking,
@@ -392,6 +422,12 @@ static int execute_test_case(int svr_argc, char** svr_argv,
         strcat(commandLine, cli_argv[i]);
         strcat(commandLine, flagSep);
     }
+    if (!IsValidCA(commandLine)) {
+        #ifdef DEBUG_SUITE_TESTS
+            printf("certificate %s not supported in build\n", commandLine);
+        #endif
+        return NOT_BUILT_IN;
+    }
     printf("trying client command line[%d]: %s\n", tests, commandLine);
 
     /* determine based on args if this test is expected to fail */

wolfcrypt/src/memory.c

@@ -669,6 +669,12 @@ void* wolfSSL_Malloc(size_t size, void* heap, int type)
                             mem->ava[i] = pt->next;
                             break;
                         }
+                    #ifdef WOLFSSL_DEBUG_STATIC_MEMORY
+                        else {
+                            printf("Size: %ld, Empty: %d\n", size,
+                                                              mem->sizeList[i]);
+                        }
+                    #endif
                     }
                 }
             }
@@ -864,6 +870,14 @@ void* wolfSSL_Realloc(void *ptr, size_t size, void* heap, int type)
         WOLFSSL_HEAP*      mem  = hint->memory;
         word32 padSz = -(int)sizeof(wc_Memory) & (WOLFSSL_STATIC_ALIGN - 1);
 
+        if (ptr == NULL) {
+        #ifdef WOLFSSL_DEBUG_MEMORY
+            return wolfSSL_Malloc(size, heap, type, func, line);
+        #else
+            return wolfSSL_Malloc(size, heap, type);
+        #endif
+        }
+
         if (wc_LockMutex(&(mem->memory_mutex)) != 0) {
             WOLFSSL_MSG("Bad memory_mutex lock");
             return NULL;

wolfssl/test.h

@@ -327,11 +327,11 @@
 #define cliEccCertFile "./certs/client-ecc-cert.pem"
 #define caEccCertFile  "./certs/ca-ecc-cert.pem"
 #define crlPemDir      "./certs/crl"
-#define edCertFile     "./certs/ed25519/server-ed25519.pem"
+#define edCertFile     "./certs/ed25519/server-ed25519-cert.pem"
 #define edKeyFile      "./certs/ed25519/server-ed25519-priv.pem"
 #define cliEdCertFile  "./certs/ed25519/client-ed25519.pem"
 #define cliEdKeyFile   "./certs/ed25519/client-ed25519-priv.pem"
-#define caEdCertFile   "./certs/ed25519/root-ed25519.pem"
+#define caEdCertFile   "./certs/ed25519/ca-ed25519.pem"
 #ifdef HAVE_WNR
     /* Whitewood netRandom default config file */
     #define wnrConfig  "./wnr-example.conf"

wolfssl/wolfcrypt/memory.h

@@ -110,7 +110,12 @@ WOLFSSL_API int wolfSSL_GetAllocators(wolfSSL_Malloc_cb*,
         #endif
     #endif
     #ifndef WOLFMEM_DIST
-        #define WOLFMEM_DIST    49,10,6,14,5,6,9,1,1
+        #ifndef WOLFSSL_STATIC_MEMORY_SMALL
+            #define WOLFMEM_DIST    49,10,6,14,5,6,9,1,1
+        #else
+            /* Low resource and not RSA */
+            #define WOLFMEM_DIST    29, 7,6, 9,4,4,0,0,0
+        #endif
     #endif
 
     /* flags for loading static memory (one hot bit) */