From a472d2af4ace6ebfbff8b7e14fbac4e52669ee50 Mon Sep 17 00:00:00 2001 From: Jacob Barthelmeh Date: Thu, 25 Mar 2021 18:54:09 +0700 Subject: [PATCH 01/16] fix for streaming with PKCS7 --- wolfcrypt/src/pkcs7.c | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c index 0073e895e..a1d0a3f32 100644 --- a/wolfcrypt/src/pkcs7.c +++ b/wolfcrypt/src/pkcs7.c @@ -8336,18 +8336,14 @@ static int wc_PKCS7_DecryptKtri(PKCS7* pkcs7, byte* in, word32 inSz, case WC_PKCS7_DECRYPT_KTRI_2: #ifndef NO_PKCS7_STREAM - if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, pkcs7->stream->expected, - &pkiMsg, idx)) != 0) { + if ((ret = wc_PKCS7_AddDataToStream(pkcs7, in, inSz, + pkcs7->stream->expected, &pkiMsg, idx)) != 0) { return ret; } - rc = wc_PKCS7_GetMaxStream(pkcs7, PKCS7_DEFAULT_PEEK, - in, inSz); - if (rc < 0) { - ret = (int)rc; - break; + if (in != pkiMsg) { + pkiMsgSz = pkcs7->stream->length; } - pkiMsgSz = (word32)rc; wc_PKCS7_StreamGetVar(pkcs7, NULL, &sidType, &version); From 0ea9163253e411edb12a3ae8ce07d46921b7fdb7 Mon Sep 17 00:00:00 2001 From: Jake Hicks Date: Mon, 29 Mar 2021 09:37:53 -0500 Subject: [PATCH 02/16] fix: call CBClientCert for TLS 1.3 certificate requests --- src/tls13.c | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/src/tls13.c b/src/tls13.c index 2fd6e18ba..1097cf385 100644 --- a/src/tls13.c +++ b/src/tls13.c @@ -5034,6 +5034,11 @@ static int SendTls13Certificate(WOLFSSL* ssl) byte certReqCtxLen = 0; byte* certReqCtx = NULL; +#ifdef OPENSSL_EXTRA + WOLFSSL_X509* x509 = NULL; + WOLFSSL_EVP_PKEY* pkey = NULL; +#endif + WOLFSSL_START(WC_FUNC_CERTIFICATE_SEND); WOLFSSL_ENTER("SendTls13Certificate"); 
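Review bot: The new `if (in != pkiMsg)` branch in the `WC_PKCS7_DECRYPT_KTRI_2` case carries no comment saying why the length source changes, and it relies on `pkiMsgSz` already holding the right value when `in == pkiMsg`. That initial assignment is outside this hunk, so it cannot be confirmed from here. Since this length bounds the later parsing of the recipient info, I would add a comment above the branch such as `/* pkiMsg was redirected to the stream buffer: bound parsing by the buffered length, not inSz */`. It would also help to state in the function header that `pkiMsgSz` defaults to `inSz` in the non-streamed case, if that is what the code outside the hunk does.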
@@ -5044,6 +5049,22 @@ static int SendTls13Certificate(WOLFSSL* ssl) } #endif +#ifdef OPENSSL_EXTRA + /* call client cert callback if no cert has been loaded */ + if ((ssl->ctx->CBClientCert != NULL) && + (!ssl->buffers.certificate || !ssl->buffers.certificate->buffer)) { + ret = ssl->ctx->CBClientCert(ssl, &x509, &pkey); + if (ret == 1) { + if ((wolfSSL_CTX_use_certificate(ssl->ctx, x509) == WOLFSSL_SUCCESS) && + (wolfSSL_CTX_use_PrivateKey(ssl->ctx, pkey) == WOLFSSL_SUCCESS)) { + ssl->options.sendVerify = SEND_CERT; + } + wolfSSL_X509_free(x509); + wolfSSL_EVP_PKEY_free(pkey); + } + } +#endif + if (ssl->options.sendVerify == SEND_BLANK_CERT) { certSz = 0; certChainSz = 0; From b8684f3f7e5f108d416eed25a50993f5dcd447da Mon Sep 17 00:00:00 2001 From: Hideki Miyazaki Date: Thu, 1 Apr 2021 10:25:39 +0900 Subject: [PATCH 03/16] fix retrun code regression on RAND_bytes fix jenkins fail --- src/ssl.c | 6 +++++- tests/api.c | 22 +++++++++++++++++----- 2 files changed, 22 insertions(+), 6 deletions(-) diff --git a/src/ssl.c b/src/ssl.c index 49378cdf3..923ed9802 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -32279,7 +32279,11 @@ int wolfSSL_RAND_bytes(unsigned char* buf, int num) #endif WOLFSSL_ENTER("wolfSSL_RAND_bytes"); - + /* sanity check */ + if (buf == NULL || num < 0) + /* return code compliant with OpenSSL */ + return 0; + /* if a RAND callback has been set try and use it */ #ifndef WOLFSSL_NO_OPENSSL_RAND_CB if (wolfSSL_RAND_InitMutex() == 0 && wc_LockMutex(&gRandMethodMutex) == 0) { diff --git a/tests/api.c b/tests/api.c index 95372ac40..f0b920748 100644 --- a/tests/api.c +++ b/tests/api.c @@ -30997,6 +30997,9 @@ static void test_wolfSSL_RAND_set_rand_method(void) printf(testingFmt, "wolfSSL_RAND_set_rand_method()"); + buf = (byte*)XMALLOC(32 * sizeof(byte), NULL, + DYNAMIC_TYPE_TMP_BUFFER); + AssertIntNE(wolfSSL_RAND_status(), 5432); AssertIntEQ(*was_cleanup_called, 0); wolfSSL_RAND_Cleanup(); 
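Review bot: The credentials returned by `CBClientCert` are installed with `wolfSSL_CTX_use_certificate(ssl->ctx, x509)` and `wolfSSL_CTX_use_PrivateKey(ssl->ctx, pkey)`, i.e. on the shared context, although the guard tests the per-connection `ssl->buffers.certificate`. A certificate chosen for one connection's request would then become the default identity for every other session on that `WOLFSSL_CTX`. Loading it on the connection instead, `wolfSSL_use_certificate(ssl, x509)` and `wolfSSL_use_PrivateKey(ssl, pkey)`, keeps the selection scoped to this handshake. If the certificate loads but the key does not, the failure is silent and the context keeps a certificate without its key, so that case should return an error. `ret` also keeps the callback's return value when it is not 1; whether it is reset before the function returns is outside this hunk.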
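Review bot: The new argument check in `wolfSSL_RAND_bytes` is an unbraced `if` with a comment line between the condition and its `return 0;`, which makes it easy for a later edit to add a statement that looks guarded but is not. I would write it as `if (buf == NULL || num < 0) { return 0; /* failure code compatible with OpenSSL */ }`, and drop the trailing whitespace on the blank line after it. The rest of the function body is outside this hunk.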
@@ -31033,6 +31036,8 @@ static void test_wolfSSL_RAND_set_rand_method(void) wolfSSL_RAND_Cleanup(); AssertIntEQ(*was_cleanup_called, 0); + XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER); + printf(resultFmt, passed); #endif /* OPENSSL_EXTRA && !WOLFSSL_NO_OPENSSL_RAND_CB */ } @@ -31048,17 +31053,24 @@ static void test_wolfSSL_RAND_bytes(void) byte *my_buf; printf(testingFmt, "test_wolfSSL_RAND_bytes()"); - + /* sanity check */ + AssertIntEQ(RAND_bytes(NULL, 16), 0); + AssertIntEQ(RAND_bytes(NULL, 0), 0); + max_bufsize = size4; my_buf = (byte*)XMALLOC(max_bufsize * sizeof(byte), NULL, DYNAMIC_TYPE_TMP_BUFFER); + + AssertIntEQ(RAND_bytes(my_buf, 0), 1); + AssertIntEQ(RAND_bytes(my_buf, -1), 0); + AssertNotNull(my_buf); XMEMSET(my_buf, 0, max_bufsize); - AssertIntEQ(wolfSSL_RAND_bytes(my_buf, size1), 1); - AssertIntEQ(wolfSSL_RAND_bytes(my_buf, size2), 1); - AssertIntEQ(wolfSSL_RAND_bytes(my_buf, size3), 1); - AssertIntEQ(wolfSSL_RAND_bytes(my_buf, size4), 1); + AssertIntEQ(RAND_bytes(my_buf, size1), 1); + AssertIntEQ(RAND_bytes(my_buf, size2), 1); + AssertIntEQ(RAND_bytes(my_buf, size3), 1); + AssertIntEQ(RAND_bytes(my_buf, size4), 1); XFREE(my_buf, NULL, DYNAMIC_TYPE_TMP_BUFFER); From ea0f4580de922b6c56da8f1f00750f53ad2c3df2 Mon Sep 17 00:00:00 2001 From: Hideki Miyazaki Date: Thu, 1 Apr 2021 17:06:02 +0900 Subject: [PATCH 04/16] add X509_STORE_get/set_ex_data --- src/ssl.c | 42 +++++++++++++++++++++++++++++++++++++++++- tests/api.c | 22 ++++++++++++++++++++++ wolfssl/openssl/ssl.h | 2 ++ wolfssl/ssl.h | 4 ++++ 4 files changed, 69 insertions(+), 1 deletion(-) diff --git a/src/ssl.c b/src/ssl.c index 49378cdf3..45d9499c6 100644 --- a/src/ssl.c +++ b/src/ssl.c 
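Review bot: In `test_wolfSSL_RAND_bytes` the two new calls `RAND_bytes(my_buf, 0)` and `RAND_bytes(my_buf, -1)` run before `AssertNotNull(my_buf)`. An allocation failure would therefore show up as a wrong return code from the first call rather than as the null-pointer assertion. Move `AssertNotNull(my_buf);` to directly after the `XMALLOC` so the zero-length and negative-length cases are exercised with a buffer known to be valid.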
@@ -26017,7 +26017,47 @@ void wolfSSL_X509_STORE_free(WOLFSSL_X509_STORE* store) XFREE(store, NULL, DYNAMIC_TYPE_X509_STORE); } } - +/** + * Get ex_data in WOLFSSL_STORE at given index + * @param store a pointer to WOLFSSL_X509_STORE structure + * @param idx Index of ex_data to get data from + * @return void pointer to ex_data on success or NLL on failure + */ +void* wolfSSL_X509_STORE_get_ex_data(WOLFSSL_X509_STORE* store, int idx) +{ + WOLFSSL_ENTER("wolfSSL_X509_STORE_get_ex_data"); +#ifdef HAVE_EX_DATA + if (store != NULL && idx < MAX_EX_DATA && idx >= 0) { + return wolfSSL_CRYPTO_get_ex_data(&store->ex_data, idx); + } +#else + (void)store; + (void)idx; +#endif + return NULL; +} +/** + * Set ex_data for WOLFSSL_STORE + * @param store a pointer to WOLFSSL_X509_STORE structure + * @param idx Index of ex data to set + * @param data Data to set in ex data + * @return WOLFSSL_SUCCESS on success or WOLFSSL_FAILURE on failure + */ +int wolfSSL_X509_STORE_set_ex_data(WOLFSSL_X509_STORE* store, int idx, + void *data) +{ + WOLFSSL_ENTER("wolfSSL_X509_STORE_set_ex_data"); +#ifdef HAVE_EX_DATA + if (store != NULL && idx < MAX_EX_DATA) { + return wolfSSL_CRYPTO_set_ex_data(&store->ex_data, idx, data); + } +#else + (void)store; + (void)idx; + (void)data; +#endif + return WOLFSSL_FAILURE; +} #endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */ #ifdef OPENSSL_EXTRA diff --git a/tests/api.c b/tests/api.c index 95372ac40..56c5c6295 100644 --- a/tests/api.c +++ b/tests/api.c 
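Review bot: `wolfSSL_X509_STORE_set_ex_data` checks only `idx < MAX_EX_DATA`, while the getter added just above it also requires `idx >= 0`, so a negative index passes this guard and is handed to `wolfSSL_CRYPTO_set_ex_data`. Whether that helper rejects it is not visible in this diff, and the setter should not depend on it for a write into a fixed-size slot array. Make the two guards match: `if (store != NULL && idx < MAX_EX_DATA && idx >= 0) {`.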
@@ -28455,6 +28455,28 @@ static void test_wolfSSL_X509_STORE_CTX(void) X509_STORE_CTX_free(ctx); } + /* test X509_STORE_get/set_ex_data */ + { + int i = 0, tmpData = 99; + void* tmpDataRet; + AssertNotNull(str = X509_STORE_new()); + #if defined(HAVE_EX_DATA) + for (i = 0; i < MAX_EX_DATA; i++) { + AssertIntEQ(X509_STORE_set_ex_data(str, i, &tmpData), + WOLFSSL_SUCCESS); + tmpDataRet = (int*)X509_STORE_get_ex_data(str, i); + AssertNotNull(tmpDataRet); + AssertIntEQ(tmpData, *(int*)tmpDataRet); + } + #else + AssertIntEQ(X509_STORE_set_ex_data(str, i, &tmpData), + WOLFSSL_FAILURE); + tmpDataRet = (int*)X509_STORE_get_ex_data(str, i); + AssertNull(tmpDataRet); + #endif + X509_STORE_free(str); + } + printf(resultFmt, passed); #endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \ !defined(NO_FILESYSTEM) && !defined(NO_RSA) */ diff --git a/wolfssl/openssl/ssl.h b/wolfssl/openssl/ssl.h index 70a79aaa0..bdbd9df91 100644 --- a/wolfssl/openssl/ssl.h +++ b/wolfssl/openssl/ssl.h @@ -602,6 +602,8 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define X509_STORE_set_flags wolfSSL_X509_STORE_set_flags #define X509_STORE_get1_certs wolfSSL_X509_STORE_get1_certs #define X509_STORE_get_by_subject wolfSSL_X509_STORE_get_by_subject +#define X509_STORE_set_ex_data wolfSSL_X509_STORE_set_ex_data +#define X509_STORE_get_ex_data wolfSSL_X509_STORE_get_ex_data #define X509_STORE_CTX_get1_issuer wolfSSL_X509_STORE_CTX_get1_issuer #define X509_STORE_CTX_set_time wolfSSL_X509_STORE_CTX_set_time #define X509_VERIFY_PARAM_new wolfSSL_X509_VERIFY_PARAM_new diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index de42e4c78..6c608cd0d 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h 
@@ -1667,6 +1667,10 @@ WOLFSSL_API void* wolfSSL_X509_STORE_CTX_get_ex_data( WOLFSSL_X509_STORE_CTX* ctx, int idx); WOLFSSL_API int wolfSSL_X509_STORE_CTX_set_ex_data(WOLFSSL_X509_STORE_CTX* ctx, int idx, void *data); +WOLFSSL_API void* wolfSSL_X509_STORE_get_ex_data( + WOLFSSL_X509_STORE* store, int idx); +WOLFSSL_API int wolfSSL_X509_STORE_set_ex_data(WOLFSSL_X509_STORE* store, + int idx, void *data); WOLFSSL_API void wolfSSL_X509_STORE_CTX_set_depth(WOLFSSL_X509_STORE_CTX* ctx, int depth); WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_STORE_CTX_get0_current_issuer( From 52e6ff7c5602ef93210aaa679666d8336bedda4a Mon Sep 17 00:00:00 2001 From: Guido Vranken Date: Tue, 6 Apr 2021 01:34:09 +0200 Subject: [PATCH 05/16] Account for sp_sqr failure in _sp_exptmod_nct ZD 12039 --- wolfcrypt/src/sp_int.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/wolfcrypt/src/sp_int.c b/wolfcrypt/src/sp_int.c index d22dd82bc..bd94e9d00 100644 --- a/wolfcrypt/src/sp_int.c +++ b/wolfcrypt/src/sp_int.c @@ -8874,7 +8874,7 @@ static int _sp_exptmod_nct(sp_int* b, sp_int* e, sp_int* m, sp_int* r) /* Sqaure until we find bit that is 1 or there's less than a * window of bits left. */ - while ((i >= 0) || (c >= winBits)) { + while (err == MP_OKAY && ((i >= 0) || (c >= winBits))) { sp_digit n2 = n; int c2 = c; int i2 = i; From f4e1d96cfc33e582faccf4524262d04353245363 Mon Sep 17 00:00:00 2001 From: David Garske Date: Tue, 6 Apr 2021 11:38:05 -0700 Subject: [PATCH 06/16] Fixes for building K82. Fixes for warning with `const mp_int* k` changes. --- IDE/ROWLEY-CROSSWORKS-ARM/kinetis_hw.c | 10 +++++----- IDE/ROWLEY-CROSSWORKS-ARM/wolfssl_ltc.hzp | 3 --- wolfcrypt/src/port/nxp/ksdk_port.c | 6 +++--- wolfcrypt/src/port/st/stm32.c | 4 ++-- 4 files changed, 10 insertions(+), 13 deletions(-) diff --git a/IDE/ROWLEY-CROSSWORKS-ARM/kinetis_hw.c b/IDE/ROWLEY-CROSSWORKS-ARM/kinetis_hw.c index ae5802316..bdbce0bda 100644 --- a/IDE/ROWLEY-CROSSWORKS-ARM/kinetis_hw.c 
+++ b/IDE/ROWLEY-CROSSWORKS-ARM/kinetis_hw.c @@ -64,10 +64,10 @@ // UART TX Port, Pin, Mux and Baud #ifdef FREESCALE_KSDK_BM - #define UART_PORT LPUART0 /* UART Port */ - #define UART_TX_PORT PORTA /* UART TX Port */ - #define UART_TX_PIN 2U /* UART TX Pin */ - #define UART_TX_MUX kPORT_MuxAlt2 /* Kinetis UART pin mux */ + #define UART_PORT LPUART4 /* UART Port */ + #define UART_TX_PORT PORTC /* UART TX Port */ + #define UART_TX_PIN 15U /* UART TX Pin */ + #define UART_TX_MUX kPORT_MuxAlt3 /* Kinetis UART pin mux */ #elif defined (WOLFSSL_FRDM_K64) #define UART_PORT UART0 /* UART Port */ #define UART_TX_PORT PORTB /* UART TX Port */ @@ -91,7 +91,7 @@ /* Note: TWR-K60 is UART3, PTC17 */ /* Note: FRDM-K64 is UART4, PTE24 or UART0 PTB17 for OpenOCD (SIM_SCGC4_UART0_MASK)*/ /* Note: TWR-K64 is UART5, PTE8 */ -/* Note: FRDM-K82F is LPUART0 A2, LPUART4 PTC15 */ +/* Note: FRDM-K82F is LPUART4 PTC15 Alt3 (OpenOCD UART) */ /***********************************************/ diff --git a/IDE/ROWLEY-CROSSWORKS-ARM/wolfssl_ltc.hzp b/IDE/ROWLEY-CROSSWORKS-ARM/wolfssl_ltc.hzp index 5a474b301..2cd93b21f 100644 --- a/IDE/ROWLEY-CROSSWORKS-ARM/wolfssl_ltc.hzp +++ b/IDE/ROWLEY-CROSSWORKS-ARM/wolfssl_ltc.hzp @@ -159,7 +159,6 @@ - @@ -223,8 +222,6 @@ - - diff --git a/wolfcrypt/src/port/nxp/ksdk_port.c b/wolfcrypt/src/port/nxp/ksdk_port.c index 6d601a407..886ddc096 100644 --- a/wolfcrypt/src/port/nxp/ksdk_port.c +++ b/wolfcrypt/src/port/nxp/ksdk_port.c @@ -696,7 +696,7 @@ static int ltc_get_ecc_specs(const uint8_t **modulus, const uint8_t **r2modn, (1==map, 0 == leave in projective) return MP_OKAY on success */ -int wc_ecc_mulmod_ex(mp_int *k, ecc_point *G, ecc_point *R, mp_int* a, +int wc_ecc_mulmod_ex(const mp_int *k, ecc_point *G, ecc_point *R, mp_int* a, mp_int *modulus, int map, void* heap) { ltc_pkha_ecc_point_t B; 
@@ -726,7 +726,7 @@ int wc_ecc_mulmod_ex(mp_int *k, ecc_point *G, ecc_point *R, mp_int* a, szModulus = mp_unsigned_bin_size(modulus); szkbin = mp_unsigned_bin_size(k); - res = ltc_get_from_mp_int(kbin, k, szkbin); + res = ltc_get_from_mp_int(kbin, (mp_int*)k, szkbin); if (res == MP_OKAY) res = ltc_get_from_mp_int(Gxbin, G->x, szModulus); if (res == MP_OKAY) @@ -768,7 +768,7 @@ int wc_ecc_mulmod_ex(mp_int *k, ecc_point *G, ecc_point *R, mp_int* a, return res; } -int wc_ecc_mulmod_ex2(mp_int* k, ecc_point *G, ecc_point *R, mp_int* a, +int wc_ecc_mulmod_ex2(const mp_int* k, ecc_point *G, ecc_point *R, mp_int* a, mp_int* modulus, mp_int* order, WC_RNG* rng, int map, void* heap) { diff --git a/wolfcrypt/src/port/st/stm32.c b/wolfcrypt/src/port/st/stm32.c index 2c23ed48c..dd19797a8 100644 --- a/wolfcrypt/src/port/st/stm32.c +++ b/wolfcrypt/src/port/st/stm32.c @@ -646,7 +646,7 @@ static int stm32_get_ecc_specs(const uint8_t **prime, const uint8_t **coef, (1==map, 0 == leave in projective) return MP_OKAY on success */ -int wc_ecc_mulmod_ex(mp_int *k, ecc_point *G, ecc_point *R, mp_int* a, +int wc_ecc_mulmod_ex(const mp_int *k, ecc_point *G, ecc_point *R, mp_int* a, mp_int *modulus, int map, void* heap) { PKA_ECCMulInTypeDef pka_mul; @@ -725,7 +725,7 @@ int wc_ecc_mulmod_ex(mp_int *k, ecc_point *G, ecc_point *R, mp_int* a, return res; } -int wc_ecc_mulmod_ex2(mp_int* k, ecc_point *G, ecc_point *R, mp_int* a, +int wc_ecc_mulmod_ex2(const mp_int* k, ecc_point *G, ecc_point *R, mp_int* a, mp_int* modulus, mp_int* order, WC_RNG* rng, int map, void* heap) { From 779dabc04e57cc689f3178ccbf8768e80dc2a598 Mon Sep 17 00:00:00 2001 From: David Garske Date: Tue, 6 Apr 2021 13:24:03 -0700 Subject: [PATCH 07/16] Cleanups to KSDK port for LTC. --- wolfcrypt/src/port/nxp/ksdk_port.c | 80 +++++++++++++++++------------- 1 file changed, 45 insertions(+), 35 deletions(-) diff --git a/wolfcrypt/src/port/nxp/ksdk_port.c b/wolfcrypt/src/port/nxp/ksdk_port.c index 886ddc096..8d7e5e2c0 100644 
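Review bot: `ltc_get_from_mp_int(kbin, (mp_int*)k, szkbin)` in `wc_ecc_mulmod_ex` silences the warning by casting away the `const` that this commit adds to the scalar parameter. That leaves the compiler unable to catch a later write through the pointer in the helper. If `ltc_get_from_mp_int` only reads its source (its definition is not in this hunk), declaring that parameter `const mp_int *` and dropping the cast would keep the new qualifier meaningful. If it cannot be made const, a short comment at the call such as `/* helper does not modify k */` would record the assumption.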
--- a/wolfcrypt/src/port/nxp/ksdk_port.c +++ b/wolfcrypt/src/port/nxp/ksdk_port.c @@ -129,9 +129,9 @@ int mp_mul(mp_int *A, mp_int *B, mp_int *C) #endif /* unsigned multiply */ - uint8_t *ptrA = (uint8_t *)XMALLOC(LTC_MAX_INT_BYTES, 0, DYNAMIC_TYPE_BIGINT); - uint8_t *ptrB = (uint8_t *)XMALLOC(LTC_MAX_INT_BYTES, 0, DYNAMIC_TYPE_BIGINT); - uint8_t *ptrC = (uint8_t *)XMALLOC(LTC_MAX_INT_BYTES, 0, DYNAMIC_TYPE_BIGINT); + uint8_t *ptrA = (uint8_t *)XMALLOC(LTC_MAX_INT_BYTES, NULL, DYNAMIC_TYPE_BIGINT); + uint8_t *ptrB = (uint8_t *)XMALLOC(LTC_MAX_INT_BYTES, NULL, DYNAMIC_TYPE_BIGINT); + uint8_t *ptrC = (uint8_t *)XMALLOC(LTC_MAX_INT_BYTES, NULL, DYNAMIC_TYPE_BIGINT); if (ptrA && ptrB && ptrC) { uint16_t sizeA, sizeB; @@ -187,9 +187,9 @@ int mp_mod(mp_int *a, mp_int *b, mp_int *c) { #endif /* FREESCALE_LTC_TFM_RSA_4096_ENABLE */ int neg = 0; - uint8_t *ptrA = (uint8_t *)XMALLOC(LTC_MAX_INT_BYTES, 0, DYNAMIC_TYPE_BIGINT); - uint8_t *ptrB = (uint8_t *)XMALLOC(LTC_MAX_INT_BYTES, 0, DYNAMIC_TYPE_BIGINT); - uint8_t *ptrC = (uint8_t *)XMALLOC(LTC_MAX_INT_BYTES, 0, DYNAMIC_TYPE_BIGINT); + uint8_t *ptrA = (uint8_t *)XMALLOC(LTC_MAX_INT_BYTES, NULL, DYNAMIC_TYPE_BIGINT); + uint8_t *ptrB = (uint8_t *)XMALLOC(LTC_MAX_INT_BYTES, NULL, DYNAMIC_TYPE_BIGINT); + uint8_t *ptrC = (uint8_t *)XMALLOC(LTC_MAX_INT_BYTES, NULL, DYNAMIC_TYPE_BIGINT); #ifndef WOLFSSL_SP_MATH /* get sign for the result */ 
@@ -252,9 +252,9 @@ int mp_invmod(mp_int *a, mp_int *b, mp_int *c) szB = mp_unsigned_bin_size(b); if ((szA <= LTC_MAX_INT_BYTES) && (szB <= LTC_MAX_INT_BYTES)) { #endif - uint8_t *ptrA = (uint8_t *)XMALLOC(LTC_MAX_INT_BYTES, 0, DYNAMIC_TYPE_BIGINT); - uint8_t *ptrB = (uint8_t *)XMALLOC(LTC_MAX_INT_BYTES, 0, DYNAMIC_TYPE_BIGINT); - uint8_t *ptrC = (uint8_t *)XMALLOC(LTC_MAX_INT_BYTES, 0, DYNAMIC_TYPE_BIGINT); + uint8_t *ptrA = (uint8_t *)XMALLOC(LTC_MAX_INT_BYTES, NULL, DYNAMIC_TYPE_BIGINT); + uint8_t *ptrB = (uint8_t *)XMALLOC(LTC_MAX_INT_BYTES, NULL, DYNAMIC_TYPE_BIGINT); + uint8_t *ptrC = (uint8_t *)XMALLOC(LTC_MAX_INT_BYTES, NULL, DYNAMIC_TYPE_BIGINT); if (ptrA && ptrB && ptrC) { uint16_t sizeA, sizeB, sizeC; @@ -317,8 +317,8 @@ int mp_mulmod(mp_int *a, mp_int *b, mp_int *c, mp_int *d) uint8_t *ptrC = (uint8_t *)XMALLOC(LTC_MAX_INT_BYTES, NULL, DYNAMIC_TYPE_BIGINT); uint8_t *ptrD = (uint8_t *)XMALLOC(LTC_MAX_INT_BYTES, NULL, DYNAMIC_TYPE_BIGINT); - /* if A or B is negative, subtract abs(A) or abs(B) from modulus to get positive integer representation of the - * same number */ + /* if A or B is negative, subtract abs(A) or abs(B) from modulus to get + * positive integer representation of the same number */ res = mp_init(&t); #ifndef WOLFSSL_SP_MATH if (a->sign) { @@ -347,7 +347,8 @@ int mp_mulmod(mp_int *a, mp_int *b, mp_int *c, mp_int *d) /* (A*B)mod C = ((A mod C) * (B mod C)) mod C */ if (res == MP_OKAY && LTC_PKHA_CompareBigNum(ptrA, sizeA, ptrC, sizeC) >= 0) { if (kStatus_Success != - LTC_PKHA_ModRed(LTC_BASE, ptrA, sizeA, ptrC, sizeC, ptrA, &sizeA, kLTC_PKHA_IntegerArith)) + LTC_PKHA_ModRed(LTC_BASE, ptrA, sizeA, ptrC, sizeC, ptrA, + &sizeA, kLTC_PKHA_IntegerArith)) { res = MP_VAL; } 
@@ -355,16 +356,18 @@ int mp_mulmod(mp_int *a, mp_int *b, mp_int *c, mp_int *d) if (res == MP_OKAY && (LTC_PKHA_CompareBigNum(ptrB, sizeB, ptrC, sizeC) >= 0)) { if (kStatus_Success != - LTC_PKHA_ModRed(LTC_BASE, ptrB, sizeB, ptrC, sizeC, ptrB, &sizeB, kLTC_PKHA_IntegerArith)) + LTC_PKHA_ModRed(LTC_BASE, ptrB, sizeB, ptrC, sizeC, ptrB, + &sizeB, kLTC_PKHA_IntegerArith)) { res = MP_VAL; } } if (res == MP_OKAY) { - if (kStatus_Success != LTC_PKHA_ModMul(LTC_BASE, ptrA, sizeA, ptrB, sizeB, ptrC, sizeC, ptrD, &sizeD, - kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, - kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized)) + if (kStatus_Success != LTC_PKHA_ModMul(LTC_BASE, ptrA, sizeA, + ptrB, sizeB, ptrC, sizeC, ptrD, &sizeD, + kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, + kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized)) { res = MP_VAL; } @@ -427,14 +430,16 @@ int mp_exptmod(mp_int *G, mp_int *X, mp_int *P, mp_int *Y) szB = mp_unsigned_bin_size(X); szC = mp_unsigned_bin_size(P); - if ((szA <= LTC_MAX_INT_BYTES) && (szB <= LTC_MAX_INT_BYTES) && (szC <= LTC_MAX_INT_BYTES)) { + if ((szA <= LTC_MAX_INT_BYTES) && (szB <= LTC_MAX_INT_BYTES) && + (szC <= LTC_MAX_INT_BYTES)) + { #endif /* FREESCALE_LTC_TFM_RSA_4096_ENABLE */ mp_int t; uint16_t sizeG, sizeX, sizeP; - uint8_t *ptrG = (uint8_t *)XMALLOC(LTC_MAX_INT_BYTES, 0, DYNAMIC_TYPE_BIGINT); - uint8_t *ptrX = (uint8_t *)XMALLOC(LTC_MAX_INT_BYTES, 0, DYNAMIC_TYPE_BIGINT); - uint8_t *ptrP = (uint8_t *)XMALLOC(LTC_MAX_INT_BYTES, 0, DYNAMIC_TYPE_BIGINT); + uint8_t *ptrG = (uint8_t *)XMALLOC(LTC_MAX_INT_BYTES, NULL, DYNAMIC_TYPE_BIGINT); + uint8_t *ptrX = (uint8_t *)XMALLOC(LTC_MAX_INT_BYTES, NULL, DYNAMIC_TYPE_BIGINT); + uint8_t *ptrP = (uint8_t *)XMALLOC(LTC_MAX_INT_BYTES, NULL, DYNAMIC_TYPE_BIGINT); /* if G is negative, add modulus to convert to positive number for LTC */ res = mp_init(&t); 
@@ -454,7 +459,8 @@ int mp_exptmod(mp_int *G, mp_int *X, mp_int *P, mp_int *Y) if (res == MP_OKAY) res = ltc_get_lsb_bin_from_mp_int(ptrP, P, &sizeP); - /* if number if greater that modulo, we must first reduce due to LTC requirement on modular exponentiaton */ + /* if number if greater that modulo, we must first reduce due to + LTC requirement on modular exponentiaton */ /* it needs number less than modulus. */ /* we can take advantage of modular arithmetic rule that: A^B mod C = ( (A mod C)^B ) mod C and so we do first (A mod N) : LTC does not give size requirement on A versus N, @@ -462,7 +468,8 @@ int mp_exptmod(mp_int *G, mp_int *X, mp_int *P, mp_int *Y) */ /* if G >= P then */ if (res == MP_OKAY && LTC_PKHA_CompareBigNum(ptrG, sizeG, ptrP, sizeP) >= 0) { - res = (int)LTC_PKHA_ModRed(LTC_BASE, ptrG, sizeG, ptrP, sizeP, ptrG, &sizeG, kLTC_PKHA_IntegerArith); + res = (int)LTC_PKHA_ModRed(LTC_BASE, ptrG, sizeG, ptrP, sizeP, + ptrG, &sizeG, kLTC_PKHA_IntegerArith); if (res != kStatus_Success) { res = MP_VAL; @@ -470,8 +477,9 @@ int mp_exptmod(mp_int *G, mp_int *X, mp_int *P, mp_int *Y) } if (res == MP_OKAY) { - res = (int)LTC_PKHA_ModExp(LTC_BASE, ptrG, sizeG, ptrP, sizeP, ptrX, sizeX, ptrP, &sizeP, - kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized); + res = (int)LTC_PKHA_ModExp(LTC_BASE, ptrG, sizeG, ptrP, sizeP, + ptrX, sizeX, ptrP, &sizeP, kLTC_PKHA_IntegerArith, + kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized); if (res != kStatus_Success) { res = MP_VAL; 
@@ -575,7 +583,7 @@ static const uint8_t ltc_ecc256_modulus[32] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF}; -static const uint8_t ltc_ecc256_r2modn[32] = { +static const uint8_t ltc_ecc256_r2modn[32] = { /* R^2 mod N */ 0x03, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFB, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFD, 0xFF, 0xFF, 0xFF, 0x04, 0x00, 0x00, 0x00}; @@ -707,9 +715,6 @@ int wc_ecc_mulmod_ex(const mp_int *k, ecc_point *G, ecc_point *R, mp_int* a, status_t status; int res; - (void)a; - (void)heap; - uint8_t Gxbin[LTC_MAX_ECC_BITS / 8]; uint8_t Gybin[LTC_MAX_ECC_BITS / 8]; uint8_t kbin[LTC_MAX_INT_BYTES]; @@ -719,6 +724,9 @@ int wc_ecc_mulmod_ex(const mp_int *k, ecc_point *G, ecc_point *R, mp_int* a, const uint8_t *bCurveParam; const uint8_t *r2modn; + (void)a; + (void)heap; + if (k == NULL || G == NULL || R == NULL || modulus == NULL) { return ECC_BAD_ARG_E; } 
@@ -731,21 +739,22 @@ int wc_ecc_mulmod_ex(const mp_int *k, ecc_point *G, ecc_point *R, mp_int* a, res = ltc_get_from_mp_int(Gxbin, G->x, szModulus); if (res == MP_OKAY) res = ltc_get_from_mp_int(Gybin, G->y, szModulus); - if (res != MP_OKAY) return res; size = szModulus; + /* find LTC friendly parameters for the selected curve */ - if (0 != ltc_get_ecc_specs(&modbin, &r2modn, &aCurveParam, &bCurveParam, size)) { + if (ltc_get_ecc_specs(&modbin, &r2modn, &aCurveParam, &bCurveParam, size) != 0) { return ECC_BAD_ARG_E; } B.X = &Gxbin[0]; B.Y = &Gybin[0]; - status = LTC_PKHA_ECC_PointMul(LTC_BASE, &B, kbin, szkbin, modbin, r2modn, aCurveParam, bCurveParam, size, - kLTC_PKHA_TimingEqualized, kLTC_PKHA_IntegerArith, &B, &point_of_infinity); + status = LTC_PKHA_ECC_PointMul(LTC_BASE, &B, kbin, szkbin, modbin, r2modn, + aCurveParam, bCurveParam, size, kLTC_PKHA_TimingEqualized, + kLTC_PKHA_IntegerArith, &B, &point_of_infinity); if (status != kStatus_Success) { return MP_VAL; } @@ -817,8 +826,8 @@ int wc_ecc_point_add(ecc_point *mG, ecc_point *mQ, ecc_point *mR, mp_int *m) B.X = Qxbin; B.Y = Qybin; - status = LTC_PKHA_ECC_PointAdd(LTC_BASE, &A, &B, modbin, r2modn, aCurveParam, bCurveParam, size, - kLTC_PKHA_IntegerArith, &A); + status = LTC_PKHA_ECC_PointAdd(LTC_BASE, &A, &B, modbin, r2modn, + aCurveParam, bCurveParam, size, kLTC_PKHA_IntegerArith, &A); if (status != kStatus_Success) { res = MP_VAL; } @@ -1131,7 +1140,8 @@ status_t LTC_PKHA_Curve25519ComputeY(ltc_pkha_ecc_point_t *ltcPoint) /* if type is set, the input point p is in Montgomery curve coordinates, so there is a map to Weierstrass curve */ /* q output point is always in Montgomery curve coordinates */ -int nxp_ltc_curve25519(ECPoint *q, const byte *n, const ECPoint *p, fsl_ltc_ecc_coordinate_system_t type) +int nxp_ltc_curve25519(ECPoint *q, const byte *n, const ECPoint *p, + fsl_ltc_ecc_coordinate_system_t type) { status_t status; ltc_pkha_ecc_point_t ltcPoint; 
From f16136c29bbeeac0af0782023c76b55fde5562f1 Mon Sep 17 00:00:00 2001 From: Jacob Barthelmeh Date: Wed, 7 Apr 2021 20:56:50 +0700 Subject: [PATCH 08/16] remove dead code, variable gn will currently always be null --- src/ssl.c | 7 ------- 1 file changed, 7 deletions(-) diff --git a/src/ssl.c b/src/ssl.c index 49378cdf3..b27d82980 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -10128,13 +10128,6 @@ void* wolfSSL_X509_get_ext_d2i(const WOLFSSL_X509* x509, int nid, int* c, goto err; } } - else if (gn) { - if (wolfSSL_sk_GENERAL_NAME_push(sk, gn) != WOLFSSL_SUCCESS) { - WOLFSSL_MSG("Error pushing GENERAL_NAME object onto " - "stack."); - goto err; - } - } ret = sk; From ef69a9b45825e0125817fce7b00de81e161e2552 Mon Sep 17 00:00:00 2001 From: Eric Blankenhorn Date: Wed, 7 Apr 2021 13:19:22 -0500 Subject: [PATCH 09/16] Fix build error with NO_PKCS12 --- src/ssl.c | 10 +++++---- tests/api.c | 60 +++++++++++++++++++++++++++++------------------------ 2 files changed, 39 insertions(+), 31 deletions(-) diff --git a/src/ssl.c b/src/ssl.c index 49378cdf3..d135bb3f6 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -25311,7 +25311,7 @@ WOLFSSL_X509* wolfSSL_d2i_X509_REQ_bio(WOLFSSL_BIO* bio, WOLFSSL_X509** x509) #endif #if !defined(NO_ASN) && !defined(NO_PWDBASED) -#ifndef NO_BIO +#if !defined(NO_BIO) && defined(HAVE_PKCS12) WC_PKCS12* wolfSSL_d2i_PKCS12_bio(WOLFSSL_BIO* bio, WC_PKCS12** pkcs12) { WC_PKCS12* localPkcs12 = NULL; @@ -25391,7 +25391,7 @@ int wolfSSL_i2d_PKCS12_bio(WOLFSSL_BIO *bio, WC_PKCS12 *pkcs12) return ret; } -#endif /* !NO_BIO */ +#endif /* !NO_BIO && HAVE_PKCS12 */ /* Copies unencrypted DER key buffer into "der". If "der" is null then the size * of buffer needed is returned. If *der == NULL then it allocates a buffer. @@ -25404,6 +25404,7 @@ int wolfSSL_i2d_PrivateKey(const WOLFSSL_EVP_PKEY* key, unsigned char** der) return wolfSSL_EVP_PKEY_get_der(key, der); } +#ifdef HAVE_PKCS12 /* Creates a new WC_PKCS12 structure * * pass password to use 
@@ -25791,6 +25792,7 @@ int wolfSSL_PKCS12_verify_mac(WC_PKCS12 *pkcs12, const char *psw, return wc_PKCS12_verify_ex(pkcs12, (const byte*)psw, pswLen) == 0 ? WOLFSSL_SUCCESS : WOLFSSL_FAILURE; } +#endif /* HAVE_PKCS12 */ #endif /* !NO_ASN && !NO_PWDBASED */ @@ -26377,7 +26379,7 @@ static void *wolfSSL_d2i_X509_fp_ex(XFILE file, void **x509, int type) newx509 = (void *)wolfSSL_d2i_X509_CRL(NULL, fileBuffer, (int)sz); } #endif - #if !defined(NO_ASN) && !defined(NO_PWDBASED) + #if !defined(NO_ASN) && !defined(NO_PWDBASED) && defined(HAVE_PKCS12) else if (type == PKCS12_TYPE) { if ((newx509 = wc_PKCS12_new()) == NULL) { goto err_exit; @@ -26402,7 +26404,7 @@ static void *wolfSSL_d2i_X509_fp_ex(XFILE file, void **x509, int type) goto _exit; err_exit: -#if !defined(NO_ASN) && !defined(NO_PWDBASED) +#if !defined(NO_ASN) && !defined(NO_PWDBASED) && defined(HAVE_PKCS12) if ((newx509 != NULL) && (type == PKCS12_TYPE)) { wc_PKCS12_free((WC_PKCS12*)newx509); newx509 = NULL; diff --git a/tests/api.c b/tests/api.c index 95372ac40..50759771a 100644 --- a/tests/api.c +++ b/tests/api.c @@ -5056,7 +5056,7 @@ static void test_wolfSSL_PKCS12(void) */ #if defined(OPENSSL_EXTRA) && !defined(NO_DES3) && !defined(NO_FILESYSTEM) && \ !defined(NO_ASN) && !defined(NO_PWDBASED) && !defined(NO_RSA) && \ - !defined(NO_SHA) + !defined(NO_SHA) && defined(HAVE_PKCS12) byte buffer[6000]; char file[] = "./certs/test-servercert.p12"; char order[] = "./certs/ecc-rsa-server.p12"; @@ -31743,15 +31743,6 @@ static void test_wolfSSL_OBJ(void) ASN1_STRING *asn1 = NULL; unsigned char *buf_dyn = NULL; - PKCS12 *p12; - int boolRet; - EVP_PKEY *pkey = NULL; - const char *p12_f[] = { - #if !defined(NO_DES3) && !defined(NO_RSA) - "./certs/test-servercert.p12", - #endif - NULL}; - printf(testingFmt, "wolfSSL_OBJ()"); AssertIntEQ(OBJ_obj2txt(buf, (int)sizeof(buf), obj, 1), SSL_FAILURE); 
@@ -31809,27 +31800,42 @@ static void test_wolfSSL_OBJ(void) } - for (i = 0; p12_f[i] != NULL; i++) +#ifdef HAVE_PKCS12 { - AssertTrue((fp = XFOPEN(p12_f[i], "rb")) != XBADFILE); - AssertNotNull(p12 = d2i_PKCS12_fp(fp, NULL)); - XFCLOSE(fp); - AssertTrue((boolRet = PKCS12_parse(p12, "wolfSSL test", &pkey, &x509, NULL)) > 0); - wc_PKCS12_free(p12); - EVP_PKEY_free(pkey); - x509Name = X509_get_issuer_name(x509); - AssertNotNull(x509Name); - AssertIntNE((numNames = X509_NAME_entry_count(x509Name)), 0); - AssertTrue((bio = BIO_new(BIO_s_mem())) != NULL); - for (j = 0; j < numNames; j++) + PKCS12 *p12; + int boolRet; + EVP_PKEY *pkey = NULL; + const char *p12_f[] = { + #if !defined(NO_DES3) && !defined(NO_RSA) + "./certs/test-servercert.p12", + #endif + NULL}; + + for (i = 0; p12_f[i] != NULL; i++) { - AssertNotNull(x509NameEntry = X509_NAME_get_entry(x509Name, j)); - AssertNotNull(asn1Name = X509_NAME_ENTRY_get_object(x509NameEntry)); - AssertTrue((nid = OBJ_obj2nid(asn1Name)) > 0); + AssertTrue((fp = XFOPEN(p12_f[i], "rb")) != XBADFILE); + AssertNotNull(p12 = d2i_PKCS12_fp(fp, NULL)); + XFCLOSE(fp); + AssertTrue((boolRet = PKCS12_parse(p12, "wolfSSL test", + &pkey, &x509, NULL)) > 0); + wc_PKCS12_free(p12); + EVP_PKEY_free(pkey); + x509Name = X509_get_issuer_name(x509); + AssertNotNull(x509Name); + AssertIntNE((numNames = X509_NAME_entry_count(x509Name)), 0); + AssertTrue((bio = BIO_new(BIO_s_mem())) != NULL); + for (j = 0; j < numNames; j++) + { + AssertNotNull(x509NameEntry = X509_NAME_get_entry(x509Name, j)); + AssertNotNull(asn1Name = + X509_NAME_ENTRY_get_object(x509NameEntry)); + AssertTrue((nid = OBJ_obj2nid(asn1Name)) > 0); + } + BIO_free(bio); + X509_free(x509); } - BIO_free(bio); - X509_free(x509); } +#endif /* HAVE_PKCS12 */ printf(resultFmt, passed); #endif From a4ebeac932d416b731fe2eedb04e07b992d09eb0 Mon Sep 17 00:00:00 2001 
From: Chris Conlon Date: Thu, 8 Apr 2021 16:37:16 -0600 Subject: [PATCH 10/16] fix minor typo in function return comment --- src/ssl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/ssl.c b/src/ssl.c index 45d9499c6..ee2c8b491 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -26021,7 +26021,7 @@ void wolfSSL_X509_STORE_free(WOLFSSL_X509_STORE* store) * Get ex_data in WOLFSSL_STORE at given index * @param store a pointer to WOLFSSL_X509_STORE structure * @param idx Index of ex_data to get data from - * @return void pointer to ex_data on success or NLL on failure + * @return void pointer to ex_data on success or NULL on failure */ void* wolfSSL_X509_STORE_get_ex_data(WOLFSSL_X509_STORE* store, int idx) { From 070dfad07abb629b4b2fdac0faaee6fccd2ff616 Mon Sep 17 00:00:00 2001 From: David Garske Date: Fri, 9 Apr 2021 15:51:30 -0700 Subject: [PATCH 11/16] Fix for NXP LTC ECC public key computation broken in PR #2859 for contstant time changes. --- wolfcrypt/src/ecc.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c index 696da3eb1..123cb18e5 100644 --- a/wolfcrypt/src/ecc.c +++ b/wolfcrypt/src/ecc.c @@ -2879,7 +2879,7 @@ static int ecc_mulmod(const mp_int* k, ecc_point* P, ecc_point* Q, #endif -/* Convert the point to montogmery form. +/* Convert the point to montgomery form. * * @param [in] p Point to convert. * @param [out] r Point in montgomery form. @@ -4413,10 +4413,14 @@ static int ecc_make_pub_ex(ecc_key* key, ecc_curve_spec* curveIn, err = MEMORY_E; } } +#ifndef FREESCALE_LTC_ECC /* this is done in hardware */ if (err == MP_OKAY) { /* Use constant time map if compiled in */ err = ecc_map_ex(pub, curve->prime, mp, 1); } +#else + (void)mp; +#endif wc_ecc_del_point_h(base, key->heap); } From 8538869d3373949fea720f6d20800ce8f642b94a Mon Sep 17 00:00:00 2001 
From: David Garske Date: Fri, 9 Apr 2021 15:51:57 -0700 Subject: [PATCH 12/16] Added runtime checking for LTC big integer buffer sizes. --- wolfcrypt/src/port/nxp/ksdk_port.c | 45 ++++++++++++++++++------------ wolfssl/wolfcrypt/settings.h | 7 +++-- 2 files changed, 32 insertions(+), 20 deletions(-) diff --git a/wolfcrypt/src/port/nxp/ksdk_port.c b/wolfcrypt/src/port/nxp/ksdk_port.c index 8d7e5e2c0..be8cbe1de 100644 --- a/wolfcrypt/src/port/nxp/ksdk_port.c +++ b/wolfcrypt/src/port/nxp/ksdk_port.c @@ -179,13 +179,11 @@ int mp_mul(mp_int *A, mp_int *B, mp_int *C) int mp_mod(mp_int *a, mp_int *b, mp_int *c) { int res = MP_OKAY; -#if defined(FREESCALE_LTC_TFM_RSA_4096_ENABLE) int szA, szB; szA = mp_unsigned_bin_size(a); szB = mp_unsigned_bin_size(b); if ((szA <= LTC_MAX_INT_BYTES) && (szB <= LTC_MAX_INT_BYTES)) { -#endif /* FREESCALE_LTC_TFM_RSA_4096_ENABLE */ int neg = 0; uint8_t *ptrA = (uint8_t *)XMALLOC(LTC_MAX_INT_BYTES, NULL, DYNAMIC_TYPE_BIGINT); uint8_t *ptrB = (uint8_t *)XMALLOC(LTC_MAX_INT_BYTES, NULL, DYNAMIC_TYPE_BIGINT); @@ -233,12 +231,15 @@ int mp_mod(mp_int *a, mp_int *b, mp_int *c) if (ptrC) { XFREE(ptrC, NULL, DYNAMIC_TYPE_BIGINT); } -#if defined(FREESCALE_LTC_TFM_RSA_4096_ENABLE) } else { +#if defined(FREESCALE_LTC_TFM_RSA_4096_ENABLE) res = wolfcrypt_mp_mod(a, b, c); +#else + res = NOT_COMPILED_IN; +#endif } -#endif /* FREESCALE_LTC_TFM_RSA_4096_ENABLE */ + return res; } @@ -246,12 +247,10 @@ int mp_mod(mp_int *a, mp_int *b, mp_int *c) int mp_invmod(mp_int *a, mp_int *b, mp_int *c) { int res = MP_OKAY; -#if defined(FREESCALE_LTC_TFM_RSA_4096_ENABLE) int szA, szB; szA = mp_unsigned_bin_size(a); szB = mp_unsigned_bin_size(b); if ((szA <= LTC_MAX_INT_BYTES) && (szB <= LTC_MAX_INT_BYTES)) { -#endif uint8_t *ptrA = (uint8_t *)XMALLOC(LTC_MAX_INT_BYTES, NULL, DYNAMIC_TYPE_BIGINT); uint8_t *ptrB = (uint8_t *)XMALLOC(LTC_MAX_INT_BYTES, NULL, DYNAMIC_TYPE_BIGINT); uint8_t *ptrC = (uint8_t *)XMALLOC(LTC_MAX_INT_BYTES, NULL, DYNAMIC_TYPE_BIGINT); 
@@ -290,12 +289,14 @@ int mp_invmod(mp_int *a, mp_int *b, mp_int *c) if (ptrC) { XFREE(ptrC, NULL, DYNAMIC_TYPE_BIGINT); } -#if defined(FREESCALE_LTC_TFM_RSA_4096_ENABLE) } else { +#if defined(FREESCALE_LTC_TFM_RSA_4096_ENABLE) res = wolfcrypt_mp_invmod(a, b, c); +#else + res = NOT_COMPILED_IN; +#endif } -#endif /* FREESCALE_LTC_TFM_RSA_4096_ENABLE */ return res; } @@ -303,13 +304,11 @@ int mp_invmod(mp_int *a, mp_int *b, mp_int *c) int mp_mulmod(mp_int *a, mp_int *b, mp_int *c, mp_int *d) { int res = MP_OKAY; -#if defined(FREESCALE_LTC_TFM_RSA_4096_ENABLE) int szA, szB, szC; szA = mp_unsigned_bin_size(a); szB = mp_unsigned_bin_size(b); szC = mp_unsigned_bin_size(c); if ((szA <= LTC_MAX_INT_BYTES) && (szB <= LTC_MAX_INT_BYTES) && (szC <= LTC_MAX_INT_BYTES)) { -#endif /* FREESCALE_LTC_TFM_RSA_4096_ENABLE */ mp_int t; uint8_t *ptrA = (uint8_t *)XMALLOC(LTC_MAX_INT_BYTES, NULL, DYNAMIC_TYPE_BIGINT); @@ -397,12 +396,15 @@ int mp_mulmod(mp_int *a, mp_int *b, mp_int *c, mp_int *d) #ifndef USE_FAST_MATH mp_clear(&t); #endif -#if defined(FREESCALE_LTC_TFM_RSA_4096_ENABLE) } else { +#if defined(FREESCALE_LTC_TFM_RSA_4096_ENABLE) res = wolfcrypt_mp_mulmod(a, b, c, d); +#else + res = NOT_COMPILED_IN; +#endif } -#endif /* FREESCALE_LTC_TFM_RSA_4096_ENABLE */ + return res; } @@ -410,12 +412,12 @@ int mp_mulmod(mp_int *a, mp_int *b, mp_int *c, mp_int *d) int mp_exptmod(mp_int *G, mp_int *X, mp_int *P, mp_int *Y) { int res = MP_OKAY; -#if defined(FREESCALE_LTC_TFM_RSA_4096_ENABLE) int szA, szB, szC; mp_int tmp; /* if G cannot fit into LTC_PKHA, reduce it */ szA = mp_unsigned_bin_size(G); +#if defined(FREESCALE_LTC_TFM_RSA_4096_ENABLE) if (szA > LTC_MAX_INT_BYTES) { res = mp_init(&tmp); if (res != MP_OKAY) 
@@ -426,14 +428,13 @@ int mp_exptmod(mp_int *G, mp_int *X, mp_int *P, mp_int *Y) G = &tmp; szA = mp_unsigned_bin_size(G); } - +#endif szB = mp_unsigned_bin_size(X); szC = mp_unsigned_bin_size(P); if ((szA <= LTC_MAX_INT_BYTES) && (szB <= LTC_MAX_INT_BYTES) && (szC <= LTC_MAX_INT_BYTES)) { -#endif /* FREESCALE_LTC_TFM_RSA_4096_ENABLE */ mp_int t; uint16_t sizeG, sizeX, sizeP; @@ -460,7 +461,7 @@ int mp_exptmod(mp_int *G, mp_int *X, mp_int *P, mp_int *Y) res = ltc_get_lsb_bin_from_mp_int(ptrP, P, &sizeP); /* if number if greater that modulo, we must first reduce due to - LTC requirement on modular exponentiaton */ + LTC requirement on modular exponentiation */ /* it needs number less than modulus. */ /* we can take advantage of modular arithmetic rule that: A^B mod C = ( (A mod C)^B ) mod C and so we do first (A mod N) : LTC does not give size requirement on A versus N, @@ -506,17 +507,20 @@ int mp_exptmod(mp_int *G, mp_int *X, mp_int *P, mp_int *Y) #ifndef USE_FAST_MATH mp_clear(&t); #endif -#if defined(FREESCALE_LTC_TFM_RSA_4096_ENABLE) } else { +#if defined(FREESCALE_LTC_TFM_RSA_4096_ENABLE) res = wolfcrypt_mp_exptmod(G, X, P, Y); +#else + res = NOT_COMPILED_IN; +#endif } #ifndef USE_FAST_MATH if (szA > LTC_MAX_INT_BYTES) mp_clear(&tmp); #endif -#endif /* FREESCALE_LTC_TFM_RSA_4096_ENABLE */ + return res; } @@ -734,6 +738,11 @@ int wc_ecc_mulmod_ex(const mp_int *k, ecc_point *G, ecc_point *R, mp_int* a, szModulus = mp_unsigned_bin_size(modulus); szkbin = mp_unsigned_bin_size(k); + /* make sure LTC big number variable is large enough */ + if (szModulus > LTC_MAX_INT_BYTES / 2) { + return MP_MEM; + } + res = ltc_get_from_mp_int(kbin, (mp_int*)k, szkbin); if (res == MP_OKAY) res = ltc_get_from_mp_int(Gxbin, G->x, szModulus); diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h index ee7caec50..06f9b4b33 100644 --- a/wolfssl/wolfcrypt/settings.h +++ b/wolfssl/wolfcrypt/settings.h 
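Review bot: At the end of mp_exptmod, `if (szA > LTC_MAX_INT_BYTES) mp_clear(&tmp);` is no longer inside the FREESCALE_LTC_TFM_RSA_4096_ENABLE guard, but `tmp` is still initialised only inside that guard (the reduction block in the earlier mp_exptmod hunk). In a build without that macro and without USE_FAST_MATH, an oversize G now reaches mp_clear on an uninitialised mp_int. Changing the guard to `#if defined(FREESCALE_LTC_TFM_RSA_4096_ENABLE) && !defined(USE_FAST_MATH)` restores the old pairing. Separately, szA is reassigned after the reduction, so the test may not reflect whether mp_init actually ran; a flag set next to mp_init would be more reliable. The code between the hunks is not visible.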
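Review bot: The size check added to wc_ecc_mulmod_ex bounds `szModulus` only, while `szkbin` is used on the very next statement to copy k into `kbin`. The declaration of `kbin` is outside the hunk, so its capacity cannot be confirmed from here, but the scalar length should be bounded against it in the same place. If `kbin` is a local array, that could be `if (szModulus > LTC_MAX_INT_BYTES / 2 || szkbin > (int)sizeof(kbin)) return MP_MEM;`. A short comment saying why the modulus limit is half of LTC_MAX_INT_BYTES would also help.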
@@ -1178,8 +1178,11 @@ extern void uITRON4_free(void *p) ; /* the LTC PKHA hardware limit is 2048 bits (256 bytes) for integer arithmetic. the LTC_MAX_INT_BYTES defines the size of local variables that hold big integers. */ - #ifndef LTC_MAX_INT_BYTES - #define LTC_MAX_INT_BYTES (256) + /* size is multiplication of 2 big ints */ + #if !defined(NO_RSA) || !defined(NO_DH) + #define LTC_MAX_INT_BYTES (256*2) + #else + #define LTC_MAX_INT_BYTES (48*2) #endif /* This FREESCALE_LTC_TFM_RSA_4096_ENABLE macro can be defined. From c34025b1860c00307c37f010f64b1afb4e97101f Mon Sep 17 00:00:00 2001 From: JacobBarthelmeh Date: Sun, 11 Apr 2021 20:06:13 +0700 Subject: [PATCH 13/16] add option to use an engine with openssl test script --- scripts/openssl.test | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/scripts/openssl.test b/scripts/openssl.test index 605946b46..93f49e658 100755 --- a/scripts/openssl.test +++ b/scripts/openssl.test @@ -2,6 +2,10 @@ #openssl.test +# Enviornment variables used: +# OPENSSL (openssl app to use) +# OPENSSL_ENGINE_ID (engine id if any i.e. -engine wolfengine) + CERT_DIR="$PWD/$(dirname "$0")/../certs" if ! test -n "$WOLFSSL_OPENSSL_TEST"; then 
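Review bot: The settings.h hunk drops the `#ifndef LTC_MAX_INT_BYTES` guard, so a project that already sets LTC_MAX_INT_BYTES in its own settings now gets a conflicting redefinition instead of an override. Wrapping the new defaults in `#ifndef LTC_MAX_INT_BYTES` and `#endif` around the `#if !defined(NO_RSA) || !defined(NO_DH)` block keeps the override. The comment retained above still gives the PKHA limit as 256 bytes, while the runtime checks this commit adds in ksdk_port.c compare operand sizes against LTC_MAX_INT_BYTES, which is now 512 with RSA or DH. If the macro is meant as a buffer size rather than an operand limit, those checks probably want a separate constant. The enclosing conditional block starts outside the hunk.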
@@ -135,11 +139,11 @@ start_openssl_server() { if [ "$cert_file" != "" ] then - echo "# " $OPENSSL s_server -accept $server_port -cert $cert_file -key $key_file -quiet -CAfile $ca_file -www -dhparam ${CERT_DIR}/dh2048.pem -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe - $OPENSSL s_server -accept $server_port -cert $cert_file -key $key_file -quiet -CAfile $ca_file -www -dhparam ${CERT_DIR}/dh2048.pem -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe & + echo "# " $OPENSSL s_server -accept $server_port $OPENSSL_ENGINE_ID -cert $cert_file -key $key_file -quiet -CAfile $ca_file -www -dhparam ${CERT_DIR}/dh2048.pem -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe + $OPENSSL s_server -accept $server_port $OPENSSL_ENGINE_ID -cert $cert_file -key $key_file -quiet -CAfile $ca_file -www -dhparam ${CERT_DIR}/dh2048.pem -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe & else - echo "# " $OPENSSL s_server -accept $server_port -quiet -nocert -www -dhparam ${CERT_DIR}/dh2048.pem -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe - $OPENSSL s_server -accept $server_port -quiet -nocert -www -dhparam ${CERT_DIR}/dh2048.pem -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe & + echo "# " $OPENSSL s_server -accept $server_port $OPENSSL_ENGINE_ID -quiet -nocert -www -dhparam ${CERT_DIR}/dh2048.pem -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe + $OPENSSL s_server -accept $server_port $OPENSSL_ENGINE_ID -quiet -nocert -www -dhparam ${CERT_DIR}/dh2048.pem -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe & fi server_pid=$! # wait to see if s_server successfully starts before continuing From ee22d27cf8cd72f29548c73cfcb1521f8edb519a Mon Sep 17 00:00:00 2001 
From: JacobBarthelmeh Date: Sun, 11 Apr 2021 20:48:18 +0700 Subject: [PATCH 14/16] add sanity check that engine can be loaded --- scripts/openssl.test | 24 +++++++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) diff --git a/scripts/openssl.test b/scripts/openssl.test index 93f49e658..1823d9ccc 100755 --- a/scripts/openssl.test +++ b/scripts/openssl.test @@ -4,7 +4,7 @@ # Enviornment variables used: # OPENSSL (openssl app to use) -# OPENSSL_ENGINE_ID (engine id if any i.e. -engine wolfengine) +# OPENSSL_ENGINE_ID (engine id if any i.e. "wolfengine") CERT_DIR="$PWD/$(dirname "$0")/../certs" @@ -133,6 +133,28 @@ start_openssl_server() { server_port=$port found_free_port=0 counter=0 + + # If OPENSSL_ENGINE_ID has been set then check that the desired engine can + # be loaded successfully and error out if not. Otherwise the OpenSSL app + # will fall back to default engine. + if [ ! -z "${OPENSSL_ENGINE_ID}" ]; then + OUTPUT=`$OPENSSL engine -tt $OPENSSL_ENGINE_ID` + if [ $? != 0 ]; then + printf "not able to load engine\n" + printf "$OPENSSL engine -tt $OPENSSL_ENGINE_ID\n" + do_cleanup + exit 1 + else + echo $OUTPUT | grep "available" + if [ $? != 0 ]; then + printf "engine not available\n" + do_cleanup + exit 1 + fi + fi + fi + OPENSSL_ENGINE_ID="-engine ${OPENSSL_ENGINE_ID}" + while [ "$counter" -lt 20 ]; do echo -e "\n# Trying to start $openssl_suite OpenSSL server on port $server_port..." echo "#" From d44549fd77959f9f76b566461d20553dcd95ce32 Mon Sep 17 00:00:00 2001 From: JacobBarthelmeh Date: Mon, 12 Apr 2021 01:47:01 -0600 Subject: [PATCH 15/16] only update OPENSSL_ENGINE_ID if already set --- scripts/openssl.test | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/openssl.test b/scripts/openssl.test index 1823d9ccc..55cdfaa6a 100755 --- a/scripts/openssl.test +++ b/scripts/openssl.test 
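Review bot: In the engine check added to start_openssl_server, `echo $OUTPUT | grep "available"` also matches the string "unavailable", which is what `openssl engine -tt` prints when the engine cannot be initialised. The test therefore passes in the case it is meant to catch. Matching the exact marker fixes that, e.g. `echo "$OUTPUT" | grep -q "\[ available \]"`. The failure message should also avoid using variables as the printf format: `printf '%s\n' "$OPENSSL engine -tt $OPENSSL_ENGINE_ID"`.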
@@ -152,8 +152,8 @@ start_openssl_server() { exit 1 fi fi + OPENSSL_ENGINE_ID="-engine ${OPENSSL_ENGINE_ID}" fi - OPENSSL_ENGINE_ID="-engine ${OPENSSL_ENGINE_ID}" while [ "$counter" -lt 20 ]; do echo -e "\n# Trying to start $openssl_suite OpenSSL server on port $server_port..." From 74df158c5c8d6d748d1f01b1b7bf2acc9a18d7a0 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Mon, 12 Apr 2021 11:17:08 -0700 Subject: [PATCH 16/16] Update the check for 64-bit on the M1 to filter out other ARM processors. --- wolfssl/wolfcrypt/tfm.h | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/wolfssl/wolfcrypt/tfm.h b/wolfssl/wolfcrypt/tfm.h index c7fae484e..ba5f9db05 100644 --- a/wolfssl/wolfcrypt/tfm.h +++ b/wolfssl/wolfcrypt/tfm.h @@ -70,6 +70,11 @@ #define TFM_X86_64 #endif #endif +#if defined(__aarch64__) && defined(__APPLE__) + #if !defined(TFM_AARCH_64) && !defined(TFM_NO_ASM) + #define TFM_AARCH_64 + #endif +#endif #if defined(TFM_X86_64) || defined(TFM_AARCH_64) #if !defined(FP_64BIT) #define FP_64BIT
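Review bot: `OPENSSL_ENGINE_ID="-engine ${OPENSSL_ENGINE_ID}"` still overwrites the input variable inside start_openssl_server. A second call of the function in the same run would pass `-engine <id>` to the `engine -tt` check and then prepend `-engine` again. The callers are outside the hunk, so whether the function runs more than once is not visible here. Keeping the option in its own variable avoids the problem: `openssl_engine_arg="-engine ${OPENSSL_ENGINE_ID}"`, with the s_server lines expanding `$openssl_engine_arg` instead.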
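Review bot: The new `#if defined(__aarch64__) && defined(__APPLE__)` block in tfm.h has no comment saying why the AArch64 default is limited to Apple targets. The commit subject explains it, but the header will not carry that. A line such as `/* Apple silicon (M1): default to TFM_AARCH_64; other AArch64 builds must define it explicitly */` above the block would keep the reasoning next to the code. The surrounding preprocessor chain begins before the hunk and continues past it.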