From 77cd361bca6359fdb7faf6be97acbf6faad7c6d2 Mon Sep 17 00:00:00 2001 From: David Garske Date: Thu, 13 Sep 2018 13:23:55 -0700 Subject: [PATCH 1/7] Fixes for building with `WC_NO_RNG`. --- examples/client/client.c | 1 + tests/api.c | 3 +++ wolfssl/test.h | 2 ++ wolfssl/wolfcrypt/random.h | 1 + 4 files changed, 7 insertions(+) diff --git a/examples/client/client.c b/examples/client/client.c index 40dae0d3b..69fb7e31e 100644 --- a/examples/client/client.c +++ b/examples/client/client.c @@ -510,6 +510,7 @@ static int ClientBenchmarkThroughput(WOLFSSL_CTX* ctx, char* host, word16 port, else { err_sys("wc_InitRng failed"); } + (void)rng; /* for WC_NO_RNG case */ } else { err_sys("Client buffer malloc failed"); diff --git a/tests/api.c b/tests/api.c index 7920afca0..8719fcecc 100644 --- a/tests/api.c +++ b/tests/api.c @@ -20611,6 +20611,9 @@ static int test_wc_RNG_GenerateBlock(void) wc_FreeRng(&rng); + (void)rng; /* for WC_NO_RNG case */ + (void)key; + return ret; } #endif diff --git a/wolfssl/test.h b/wolfssl/test.h index 0a8849c6b..926f1f73e 100644 --- a/wolfssl/test.h +++ b/wolfssl/test.h @@ -2858,6 +2858,7 @@ static WC_INLINE const char* mymktemp(char *tempfn, int len, int num) tempfn[len] = '\0'; wc_FreeRng(&rng); + (void)rng; /* for WC_NO_RNG case */ return tempfn; } @@ -2973,6 +2974,7 @@ static WC_INLINE word16 GetRandomPort(void) port |= 0xC000; /* Make sure its in the 49152 - 65535 range */ wc_FreeRng(&rng); } + (void)rng; /* for WC_NO_RNG case */ return port; } diff --git a/wolfssl/wolfcrypt/random.h b/wolfssl/wolfcrypt/random.h index 0d8db723c..676cd66a1 100644 --- a/wolfssl/wolfcrypt/random.h +++ b/wolfssl/wolfcrypt/random.h @@ -188,6 +188,7 @@ WOLFSSL_API int wc_RNG_GenerateBlock(WC_RNG*, byte*, word32 sz); WOLFSSL_API int wc_RNG_GenerateByte(WC_RNG*, byte*); WOLFSSL_API int wc_FreeRng(WC_RNG*); #else +#include #define wc_InitRng(rng) NOT_COMPILED_IN #define wc_InitRng_ex(rng, h, d) NOT_COMPILED_IN #define wc_InitRngNonce(rng, n, s) NOT_COMPILED_IN 
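Review bot: In the `#else` (WC_NO_RNG) branch of random.h, stubs such as `#define wc_InitRng(rng) NOT_COMPILED_IN` discard their arguments, which is why this patch has to add `(void)rng; /* for WC_NO_RNG case */` in client.c, tests/api.c and twice in test.h. It also means a caller that ignores the result of `wc_RNG_GenerateBlock` is left with an untouched output buffer and no diagnostic. Stubs that reference their arguments (for instance small inline functions returning `NOT_COMPILED_IN`) would remove the need for the per-caller casts. Whether `WC_RNG` is still declared in this branch is not visible here, and the stub list continues past the end of the hunk.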
From a4d502e22aa571ff7de7acc1e7b569294858a44c Mon Sep 17 00:00:00 2001 From: David Garske Date: Thu, 13 Sep 2018 14:07:08 -0700 Subject: [PATCH 2/7] Additional fixes for no RNG cases. Specifically `./configure --disable-hashdrbg --disable-rng --enable-cryptonly` --- wolfssl/wolfcrypt/random.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/wolfssl/wolfcrypt/random.h b/wolfssl/wolfcrypt/random.h index 676cd66a1..9290be631 100644 --- a/wolfssl/wolfcrypt/random.h +++ b/wolfssl/wolfcrypt/random.h @@ -66,8 +66,8 @@ #endif /* make sure Hash DRBG is enabled, unless WC_NO_HASHDRBG is defined - or CUSTOM_RAND_GENERATE_BLOCK is defined*/ -#if !defined(WC_NO_HASHDRBG) || !defined(CUSTOM_RAND_GENERATE_BLOCK) + or CUSTOM_RAND_GENERATE_BLOCK is defined */ +#if !defined(WC_NO_HASHDRBG) && !defined(CUSTOM_RAND_GENERATE_BLOCK) #undef HAVE_HASHDRBG #define HAVE_HASHDRBG #ifndef WC_RESEED_INTERVAL @@ -106,7 +106,7 @@ #include #elif defined(HAVE_WNR) /* allow whitewood as direct RNG source using wc_GenerateSeed directly */ -#else +#elif !defined(WC_NO_RNG) #error No RNG source defined! #endif From 32d3cb6cfb1793fd2e69096aafdfe7ec4aad43f2 Mon Sep 17 00:00:00 2001 From: David Garske Date: Fri, 14 Sep 2018 09:48:57 -0700 Subject: [PATCH 3/7] Fixes for case with Intel rand source and no DRBG (`./configure --enable-intelasm --enable-intelrand --disable-hashdrbg`). Fixes to `wolfSSL_RAND_egd` to better handle no DRBG case. --- src/ssl.c | 15 +++++---------- wolfssl/wolfcrypt/random.h | 2 ++ 2 files changed, 7 insertions(+), 10 deletions(-) diff --git a/src/ssl.c b/src/ssl.c index aab29c707..9b4a0f27d 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -95,7 +95,6 @@ #if defined(WOLFCRYPT_HAVE_SRP) && !defined(NO_SHA256) \ && !defined(WC_NO_RNG) #include - #include #endif #endif 
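Review bot: The corrected guard `#if !defined(WC_NO_HASHDRBG) && !defined(CUSTOM_RAND_GENERATE_BLOCK)` changes what existing configurations get: a build that defines only `CUSTOM_RAND_GENERATE_BLOCK` had `HAVE_HASHDRBG` forced on under the old `||` and is now built without it. The comment above the guard should record that consequence, e.g. `/* Hash DRBG is enabled unless WC_NO_HASHDRBG or CUSTOM_RAND_GENERATE_BLOCK is defined; with a custom block generator the Hash DRBG is not built */`. The `#undef HAVE_HASHDRBG` sits inside the guard, so a build that passes `HAVE_HASHDRBG` together with `WC_NO_HASHDRBG` appears to keep it defined; whether a later branch clears it is not visible in the hunk.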
@@ -21811,11 +21810,6 @@ int wolfSSL_RAND_write_file(const char* fname) #include #endif -/* at compile time check for HASH DRBG and throw warning if not found */ -#ifndef HAVE_HASHDRBG - #warning HAVE_HASHDRBG is needed for wolfSSL_RAND_egd to seed -#endif - /* This collects entropy from the path nm and seeds the global PRNG with it. * Makes a call to wolfSSL_RAND_Init which is not thread safe. * @@ -21825,7 +21819,8 @@ int wolfSSL_RAND_write_file(const char* fname) */ int wolfSSL_RAND_egd(const char* nm) { -#if defined(USE_WOLFSSL_IO) && !defined(USE_WINDOWS_API) && !defined(HAVE_FIPS) +#if defined(USE_WOLFSSL_IO) && !defined(USE_WINDOWS_API) && !defined(HAVE_FIPS) && \ + defined(HAVE_HASHDRBG) struct sockaddr_un rem; int fd; int ret = WOLFSSL_SUCCESS; @@ -21959,13 +21954,13 @@ int wolfSSL_RAND_egd(const char* nm) else { return ret; } -#else /* defined(USE_WOLFSSL_IO) && !defined(USE_WINDOWS_API) && !HAVE_FIPS */ +#else WOLFSSL_MSG("Type of socket needed is not available"); - WOLFSSL_MSG("\tor using FIPS mode where RNG API is not available"); + WOLFSSL_MSG("\tor using mode where DRBG API is not available"); (void)nm; return WOLFSSL_FATAL_ERROR; -#endif /* defined(USE_WOLFSSL_IO) && !defined(USE_WINDOWS_API) */ +#endif /* USE_WOLFSSL_IO && !USE_WINDOWS_API && !HAVE_FIPS && HAVE_HASHDRBG */ } #endif /* !FREERTOS_TCP */ diff --git a/wolfssl/wolfcrypt/random.h b/wolfssl/wolfcrypt/random.h index 9290be631..7fa501c81 100644 --- a/wolfssl/wolfcrypt/random.h +++ b/wolfssl/wolfcrypt/random.h @@ -106,6 +106,8 @@ #include #elif defined(HAVE_WNR) /* allow whitewood as direct RNG source using wc_GenerateSeed directly */ +#elif defined(HAVE_INTEL_RDSEED) || defined(HAVE_INTEL_RDRAND) + /* Intel RDRAND or RDSEED */ #elif !defined(WC_NO_RNG) #error No RNG source defined! #endif From 2e4c07ed93f699b7fc8f2f52799294c1c957090e Mon Sep 17 00:00:00 2001 
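Review bot: With `defined(HAVE_HASHDRBG)` added to the guard in `wolfSSL_RAND_egd`, a build without the DRBG loses the removed `#warning` and instead compiles the stub that returns `WOLFSSL_FATAL_ERROR`, so the only remaining signal is the return value and the `WOLFSSL_MSG` text. The function's header comment should say so, e.g. `* Returns WOLFSSL_FATAL_ERROR without seeding when built without HAVE_HASHDRBG or USE_WOLFSSL_IO, or with HAVE_FIPS or USE_WINDOWS_API.` The new message `"\tor using mode where DRBG API is not available"` also drops the FIPS wording although the `#else` branch still covers `HAVE_FIPS`. The body of the function lies between the two hunks and is not visible here.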
From: David Garske Date: Fri, 14 Sep 2018 14:09:27 -0700 Subject: [PATCH 4/7] Fixes and improvements for handling the `--disable-rng` case. Valid make check tests requires wolfCrypt only and no asymmetric crypto (`./configure --disable-rng --enable-cryptonly --disable-dh --disable-rsa --disable-ecc`). --- configure.ac | 6 +++++- wolfcrypt/src/rsa.c | 6 ++---- wolfssl/wolfcrypt/random.h | 2 +- wolfssl/wolfcrypt/settings.h | 3 ++- 4 files changed, 10 insertions(+), 7 deletions(-) diff --git a/configure.ac b/configure.ac index e8be4a18d..a78430fed 100644 --- a/configure.ac +++ b/configure.ac @@ -578,7 +578,11 @@ AC_ARG_ENABLE([harden], if test "$ENABLED_HARDEN" = "yes" then - AM_CFLAGS="$AM_CFLAGS -DTFM_TIMING_RESISTANT -DECC_TIMING_RESISTANT -DWC_RSA_BLINDING" + AM_CFLAGS="$AM_CFLAGS -DTFM_TIMING_RESISTANT -DECC_TIMING_RESISTANT" + if test "$ENABLED_RNG" = "yes" + then + AM_CFLAGS="$AM_CFLAGS -DWC_RSA_BLINDING" + fi else AM_CFLAGS="$AM_CFLAGS -DWC_NO_HARDEN" fi diff --git a/wolfcrypt/src/rsa.c b/wolfcrypt/src/rsa.c index ce7eecc8b..e6603889d 100644 --- a/wolfcrypt/src/rsa.c +++ b/wolfcrypt/src/rsa.c @@ -957,9 +957,9 @@ static int wc_RsaPad_ex(const byte* input, word32 inputLen, byte* pkcsBlock, { int ret; -#ifndef WC_NO_RNG switch (padType) { +#ifndef WC_NO_RNG case WC_RSA_PKCSV15_PAD: /*WOLFSSL_MSG("wolfSSL Using RSA PKCSV15 padding");*/ ret = RsaPad(input, inputLen, pkcsBlock, pkcsBlockLen, @@ -981,6 +981,7 @@ static int wc_RsaPad_ex(const byte* input, word32 inputLen, byte* pkcsBlock, hType, mgf, saltLen, bits, heap); break; #endif +#endif /* !WC_NO_RNG */ #ifdef WC_RSA_NO_PADDING case WC_RSA_NO_PAD: @@ -1003,9 +1004,6 @@ static int wc_RsaPad_ex(const byte* input, word32 inputLen, byte* pkcsBlock, WOLFSSL_MSG("Unknown RSA Pad Type"); ret = RSA_PAD_E; } -#else - ret = NOT_COMPILED_IN; -#endif /* silence warning if not used with padding scheme */ (void)input; diff --git a/wolfssl/wolfcrypt/random.h b/wolfssl/wolfcrypt/random.h index 7fa501c81..b3221b654 100644 
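Review bot: In the `ENABLED_HARDEN` block, `-DWC_RSA_BLINDING` is now dropped without any message when `ENABLED_RNG` is not `yes`, and the settings.h hunk of this patch also silences the "consider using harden options" warning for `WC_NO_RNG`, so an `--enable-harden --disable-rng` build that still has RSA ends up without blinding and without a hint. The commit message says the tested configuration also uses `--disable-rsa`; configure could report the case explicitly, e.g. an `else` branch with `AC_MSG_WARN([RSA blinding disabled: no RNG available])`. `ENABLED_RNG` is set outside this hunk; if its `AC_ARG_ENABLE` comes later in configure.ac, the test sees an empty value and blinding is never enabled, so the ordering is worth confirming.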
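Review bot: In `wc_RsaPad_ex`, moving `#ifndef WC_NO_RNG` inside the `switch` means a `WC_NO_RNG` build that is asked for `WC_RSA_PKCSV15_PAD` now falls through to `default`, logs "Unknown RSA Pad Type" and returns `RSA_PAD_E`, where the removed `#else` returned `NOT_COMPILED_IN`. Callers can no longer tell a compiled-out padding scheme from an invalid pad type. An `#else` arm before the new `#endif /* !WC_NO_RNG */` would keep the old code for the compiled-out cases, e.g. `case WC_RSA_PKCSV15_PAD: ret = NOT_COMPILED_IN; break;`. The function body starts and ends outside these hunks.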
--- a/wolfssl/wolfcrypt/random.h +++ b/wolfssl/wolfcrypt/random.h @@ -106,7 +106,7 @@ #include #elif defined(HAVE_WNR) /* allow whitewood as direct RNG source using wc_GenerateSeed directly */ -#elif defined(HAVE_INTEL_RDSEED) || defined(HAVE_INTEL_RDRAND) +#elif defined(HAVE_INTEL_RDRAND) /* Intel RDRAND or RDSEED */ #elif !defined(WC_NO_RNG) #error No RNG source defined! diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h index b65e4dadc..4a8951252 100644 --- a/wolfssl/wolfcrypt/settings.h +++ b/wolfssl/wolfcrypt/settings.h @@ -1751,7 +1751,8 @@ extern void uITRON4_free(void *p) ; #ifndef WC_NO_HARDEN #if (defined(USE_FAST_MATH) && !defined(TFM_TIMING_RESISTANT)) || \ (defined(HAVE_ECC) && !defined(ECC_TIMING_RESISTANT)) || \ - (!defined(NO_RSA) && !defined(WC_RSA_BLINDING) && !defined(HAVE_FIPS)) + (!defined(NO_RSA) && !defined(WC_RSA_BLINDING) && !defined(HAVE_FIPS) && \ + !defined(WC_NO_RNG)) #ifndef _MSC_VER #warning "For timing resistance / side-channel attack prevention consider using harden options" From b832b7bad3a1a51dcf11d24e548d7cab01cadf57 Mon Sep 17 00:00:00 2001 From: David Garske Date: Mon, 17 Sep 2018 09:38:45 -0700 Subject: [PATCH 5/7] Fixes for building with `./configure --enable-opensslextra --disable-hashdrbg --disable-rng --enable-cryptonly --disable-dh --disable-rsa --disable-ecc`. --- wolfcrypt/src/asn.c | 7 +++++++ wolfssl/wolfcrypt/random.h | 2 +- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 3e275185e..de047b92f 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -2690,6 +2690,9 @@ int wc_GetKeyOID(byte* key, word32 keySz, const byte** curveOID, word32* oidSz, (void)curveOID; (void)oidSz; + (void)tmpIdx; + (void)keySz; + (void)heap; return 1; } 
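Review bot: The narrowed condition `#elif defined(HAVE_INTEL_RDRAND)` leaves the comment under it reading `/* Intel RDRAND or RDSEED */`, which no longer matches the test. Either change the comment to `/* Intel RDRAND */` or, if an RDSEED-only build is meant to reach `#error No RNG source defined!`, state that in the comment so the reason for dropping `HAVE_INTEL_RDSEED` one patch after adding it is recorded.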
@@ -2927,6 +2930,8 @@ int UnTraditionalEnc(byte* key, word32 keySz, byte* out, word32* outSz, sz = SetSequence(totalSz, out); XMEMMOVE(out + sz, out + MAX_SEQ_SZ, totalSz); + (void)rng; + return totalSz + sz; } @@ -3275,6 +3280,8 @@ int EncryptContent(byte* input, word32 inputSz, byte* out, word32* outSz, XFREE(saltTmp, heap, DYNAMIC_TYPE_TMP_BUFFER); #endif + (void)rng; + return totalSz; } diff --git a/wolfssl/wolfcrypt/random.h b/wolfssl/wolfcrypt/random.h index b3221b654..b95d410d6 100644 --- a/wolfssl/wolfcrypt/random.h +++ b/wolfssl/wolfcrypt/random.h @@ -197,7 +197,7 @@ WOLFSSL_API int wc_FreeRng(WC_RNG*); #define wc_InitRngNonce_ex(rng, n, s, h, d) NOT_COMPILED_IN #define wc_RNG_GenerateBlock(rng, b, s) NOT_COMPILED_IN #define wc_RNG_GenerateByte(rng, b) NOT_COMPILED_IN -#define wc_FreeRng(rng) NOT_COMPILED_IN +#define wc_FreeRng(rng) (void)NOT_COMPILED_IN #endif From 9e305a01b401f55dcf868acbe3178b58491fcf1c Mon Sep 17 00:00:00 2001 From: David Garske Date: Tue, 18 Sep 2018 11:17:39 -0700 Subject: [PATCH 6/7] More fixes for building with `./configure --disable-rng`. --- tests/api.c | 44 +++++++++++++++++++++++--------------------- 1 file changed, 23 insertions(+), 21 deletions(-) diff --git a/tests/api.c b/tests/api.c index 8719fcecc..dbb0742bf 100644 --- a/tests/api.c +++ b/tests/api.c @@ -12690,7 +12690,7 @@ static int test_wc_ecc_make_key (void) { int ret = 0; -#if defined(HAVE_ECC) +#if defined(HAVE_ECC) && !defined(WC_NO_RNG) WC_RNG rng; ecc_key key; @@ -12770,7 +12770,7 @@ static int test_wc_ecc_check_key (void) { int ret = 0; -#if defined(HAVE_ECC) +#if defined(HAVE_ECC) && !defined(WC_NO_RNG) WC_RNG rng; ecc_key key; @@ -12817,7 +12817,7 @@ static int test_wc_ecc_size (void) { int ret = 0; -#if defined(HAVE_ECC) +#if defined(HAVE_ECC) && !defined(WC_NO_RNG) WC_RNG rng; ecc_key key; 
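Review bot: `#define wc_FreeRng(rng) (void)NOT_COMPILED_IN` gives the stub type `void`, while the non-stub branch of this header declares `WOLFSSL_API int wc_FreeRng(WC_RNG*);`, so any caller that writes `ret = wc_FreeRng(&rng);` stops compiling under `WC_NO_RNG`. The cast is also left unparenthesised in the macro body. If the aim is only to quiet the unused-value warning for statement-style calls, an inline stub keeps the `int` result: `static WC_INLINE int wc_FreeRng(WC_RNG* rng) { (void)rng; return NOT_COMPILED_IN; }`, assuming `WC_RNG` is declared in this branch, which the hunk does not show.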
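Review bot: Each of these test functions sets `int ret = 0;` ahead of the `#if`, so adding `!defined(WC_NO_RNG)` to the guard makes a `--disable-rng` build report the test as passed when its body was compiled out (assuming each function ends in `return ret;`, which lies outside the hunks). This applies to every guard changed in this patch, from `test_wc_ecc_make_key` through `test_wc_ecc_is_valid_idx`. Since the same condition is repeated in each guard, a single file-level macro for "ECC tests that need an RNG" would keep them in sync, and a skip message in the compiled-out path would make the reduced coverage visible in the test log.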
@@ -12863,7 +12863,7 @@ static int test_wc_ecc_signVerify_hash (void) { int ret = 0; -#if defined(HAVE_ECC) && defined(HAVE_ECC_SIGN) && !defined(NO_ASN) +#if defined(HAVE_ECC) && defined(HAVE_ECC_SIGN) && !defined(NO_ASN) && !defined(WC_NO_RNG) WC_RNG rng; ecc_key key; int signH = WOLFSSL_FATAL_ERROR; @@ -12973,7 +12973,7 @@ static int test_wc_ecc_shared_secret (void) { int ret = 0; -#if defined(HAVE_ECC) && defined(HAVE_ECC_DHE) +#if defined(HAVE_ECC) && defined(HAVE_ECC_DHE) && !defined(WC_NO_RNG) ecc_key key, pubKey; WC_RNG rng; int keySz = KEY16; @@ -13040,7 +13040,7 @@ static int test_wc_ecc_export_x963 (void) { int ret = 0; -#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT) +#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT) && !defined(WC_NO_RNG) ecc_key key; WC_RNG rng; byte out[ECC_ASN963_MAX_BUF_SZ]; @@ -13102,7 +13102,7 @@ static int test_wc_ecc_export_x963_ex (void) { int ret = 0; -#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT) +#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT) && !defined(WC_NO_RNG) ecc_key key; WC_RNG rng; byte out[ECC_ASN963_MAX_BUF_SZ]; @@ -13201,7 +13201,7 @@ static int test_wc_ecc_import_x963 (void) int ret = 0; #if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_IMPORT) && \ - defined(HAVE_ECC_KEY_EXPORT) + defined(HAVE_ECC_KEY_EXPORT) && !defined(WC_NO_RNG) ecc_key pubKey, key; WC_RNG rng; byte x963[ECC_ASN963_MAX_BUF_SZ]; @@ -13265,7 +13265,7 @@ static int ecc_import_private_key (void) int ret = 0; #if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_IMPORT) && \ - defined(HAVE_ECC_KEY_EXPORT) + defined(HAVE_ECC_KEY_EXPORT) && !defined(WC_NO_RNG) ecc_key key, keyImp; WC_RNG rng; byte privKey[ECC_PRIV_KEY_BUF]; /* Raw private key.*/ @@ -13336,7 +13336,7 @@ static int test_wc_ecc_export_private_only (void) { int ret = 0; -#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT) +#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT) && !defined(WC_NO_RNG) ecc_key key; WC_RNG rng; byte out[ECC_PRIV_KEY_BUF]; 
@@ -13533,7 +13533,7 @@ static int test_wc_ecc_sig_size (void) { int ret = 0; -#ifdef HAVE_ECC +#if defined(HAVE_ECC) && !defined(WC_NO_RNG) ecc_key key; WC_RNG rng; int keySz = KEY16; @@ -13574,7 +13574,7 @@ static int test_wc_ecc_ctx_new (void) { int ret = 0; -#if defined(HAVE_ECC) && defined(HAVE_ECC_ENCRYPT) +#if defined(HAVE_ECC) && defined(HAVE_ECC_ENCRYPT) && !defined(WC_NO_RNG) WC_RNG rng; ecEncCtx* cli = NULL; ecEncCtx* srv = NULL; @@ -13625,7 +13625,7 @@ static int test_wc_ecc_ctx_reset (void) { int ret = 0; -#if defined(HAVE_ECC) && defined(HAVE_ECC_ENCRYPT) +#if defined(HAVE_ECC) && defined(HAVE_ECC_ENCRYPT) && !defined(WC_NO_RNG) ecEncCtx* ctx = NULL; WC_RNG rng; @@ -13674,7 +13674,7 @@ static int test_wc_ecc_ctx_set_peer_salt (void) { int ret = 0; -#if defined(HAVE_ECC) && defined(HAVE_ECC_ENCRYPT) +#if defined(HAVE_ECC) && defined(HAVE_ECC_ENCRYPT) && !defined(WC_NO_RNG) WC_RNG rng; ecEncCtx* cliCtx = NULL; ecEncCtx* servCtx = NULL; @@ -13746,7 +13746,7 @@ static int test_wc_ecc_ctx_set_info (void) { int ret = 0; -#if defined(HAVE_ECC) && defined(HAVE_ECC_ENCRYPT) +#if defined(HAVE_ECC) && defined(HAVE_ECC_ENCRYPT) && !defined(WC_NO_RNG) ecEncCtx* ctx = NULL; WC_RNG rng; const char* optInfo = "Optional Test Info."; @@ -13798,7 +13798,8 @@ static int test_wc_ecc_encryptDecrypt (void) { int ret = 0; -#if defined(HAVE_ECC) && defined(HAVE_ECC_ENCRYPT) && defined(WOLFSSL_AES_128) +#if defined(HAVE_ECC) && defined(HAVE_ECC_ENCRYPT) && defined(WOLFSSL_AES_128) \ + && !defined(WC_NO_RNG) ecc_key srvKey, cliKey; WC_RNG rng; const char* msg = "EccBlock Size 16"; @@ -13943,7 +13944,7 @@ static int test_wc_ecc_pointFns (void) { int ret = 0; -#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT) +#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT) && !defined(WC_NO_RNG) ecc_key key; WC_RNG rng; ecc_point* point = NULL; 
@@ -14117,7 +14118,7 @@ static int test_wc_ecc_shared_secret_ssh (void) { int ret = 0; -#if defined(HAVE_ECC) && defined(HAVE_ECC_DHE) +#if defined(HAVE_ECC) && defined(HAVE_ECC_DHE) && !defined(WC_NO_RNG) ecc_key key, key2; WC_RNG rng; int keySz = KEY32; @@ -14199,7 +14200,8 @@ static int test_wc_ecc_verify_hash_ex (void) { int ret = 0; -#if defined(HAVE_ECC) && defined(HAVE_ECC_SIGN) && defined(WOLFSSL_PUBLIC_MP) +#if defined(HAVE_ECC) && defined(HAVE_ECC_SIGN) && defined(WOLFSSL_PUBLIC_MP) \ + && !defined(WC_NO_RNG) ecc_key key; WC_RNG rng; mp_int r; @@ -14328,7 +14330,7 @@ static int test_wc_ecc_mulmod (void) { int ret = 0; -#if defined(HAVE_ECC) && \ +#if defined(HAVE_ECC) && !defined(WC_NO_RNG) && \ !(defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_VALIDATE_ECC_IMPORT)) ecc_key key1, key2, key3; WC_RNG rng; @@ -14409,7 +14411,7 @@ static int test_wc_ecc_is_valid_idx (void) { int ret = 0; -#if defined(HAVE_ECC) +#if defined(HAVE_ECC) && !defined(WC_NO_RNG) ecc_key key; WC_RNG rng; int iVal = -2; From 4981480215f8ba3f41a18ecbe86c691b52fb4a72 Mon Sep 17 00:00:00 2001 From: David Garske Date: Tue, 18 Sep 2018 12:55:52 -0700 Subject: [PATCH 7/7] Fix to make sure `wc_RNG_GenerateBlock` return code is checked in test.h `GetRandomPort`. --- wolfssl/test.h | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/wolfssl/test.h b/wolfssl/test.h index 926f1f73e..3a540041a 100644 --- a/wolfssl/test.h +++ b/wolfssl/test.h @@ -2970,8 +2970,9 @@ static WC_INLINE word16 GetRandomPort(void) /* Generate random port for testing */ WC_RNG rng; if (wc_InitRng(&rng) == 0) { - wc_RNG_GenerateBlock(&rng, (byte*)&port, sizeof(port)); - port |= 0xC000; /* Make sure its in the 49152 - 65535 range */ + if (wc_RNG_GenerateBlock(&rng, (byte*)&port, sizeof(port)) == 0) { + port |= 0xC000; /* Make sure its in the 49152 - 65535 range */ + } wc_FreeRng(&rng); } (void)rng; /* for WC_NO_RNG case */
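Review bot: With the new `if (wc_RNG_GenerateBlock(&rng, (byte*)&port, sizeof(port)) == 0)` check in `GetRandomPort`, both failure paths and every `WC_NO_RNG` build return `port` exactly as it was declared, and that declaration is outside the hunk. Confirm that it is initialised to a fixed default there; if it is not, the function returns an indeterminate value. A comment on the declaration, e.g. `/* fallback when no RNG is available or generation fails */`, would document that contract.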