diff --git a/src/internal.c b/src/internal.c index 15cf3b743..962bfe842 100644 --- a/src/internal.c +++ b/src/internal.c @@ -5004,7 +5004,9 @@ int EccVerify(WOLFSSL* ssl, const byte* in, word32 inSz, const byte* out, #endif /* WOLFSSL_ASYNC_CRYPT */ { if (ret != 0 || ssl->eccVerifyRes == 0) { - ret = VERIFY_SIGN_ERROR; + if (ret == 0) { + ret = VERIFY_SIGN_ERROR; + } WOLFSSL_ERROR_VERBOSE(ret); } else { diff --git a/src/pk.c b/src/pk.c index 28dd4964e..324031c76 100644 --- a/src/pk.c +++ b/src/pk.c @@ -1377,7 +1377,7 @@ int wolfSSL_PEM_write_bio_RSAPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_RSA* rsa, int ret = 1; WOLFSSL_EVP_PKEY* pkey = NULL; #if defined(WOLFSSL_KEY_GEN) && !defined(HAVE_USER_RSA) - int derSz; + int derSz = 0; byte* derBuf = NULL; #endif /* WOLFSSL_KEY_GEN && !HAVE_USER_RSA */ @@ -1641,7 +1641,7 @@ int wolfSSL_PEM_write_mem_RSAPrivateKey(RSA* rsa, const EVP_CIPHER* cipher, byte* tmp = NULL; byte* cipherInfo = NULL; int derSz = 0; - int pemSz; + int pemSz = 0; const int type = PRIVATEKEY_TYPE; const char* header = NULL; const char* footer = NULL; @@ -3491,7 +3491,7 @@ int wolfSSL_RSA_sign_generic_padding(int hashAlg, const unsigned char* hash, { int ret = 1; word32 outLen = 0; - int signSz; + int signSz = 0; WC_RNG* rng = NULL; int initTmpRng = 0; #ifdef WOLFSSL_SMALL_STACK @@ -3502,7 +3502,7 @@ int wolfSSL_RSA_sign_generic_padding(int hashAlg, const unsigned char* hash, WC_RNG* tmpRng = _tmpRng; byte encodedSig[MAX_ENCODED_SIG_SZ]; #endif - unsigned int encSz; + unsigned int encSz = 0; WOLFSSL_ENTER("wolfSSL_RSA_sign_generic_padding"); @@ -3689,7 +3689,7 @@ int wolfSSL_RSA_verify_ex(int hashAlg, const unsigned char* hash, #endif unsigned char* sigDec = NULL; unsigned int len = MAX_ENCODED_SIG_SZ; - int verLen; + int verLen = 0; #if (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 1)) && !defined(HAVE_SELFTEST) enum wc_HashType hType = WC_HASH_TYPE_NONE; #endif @@ -3811,7 +3811,7 @@ int wolfSSL_RSA_public_encrypt(int len, const unsigned char* from, #if !defined(HAVE_FIPS) int mgf = WC_MGF1NONE; enum wc_HashType hash = WC_HASH_TYPE_NONE; - int pad_type; + int pad_type = WC_RSA_NO_PAD; #endif int outLen = 0; diff --git a/wolfcrypt/src/port/st/stsafe.c b/wolfcrypt/src/port/st/stsafe.c index ba2a6f5e7..688a234fe 100644 --- a/wolfcrypt/src/port/st/stsafe.c +++ b/wolfcrypt/src/port/st/stsafe.c @@ -123,7 +123,7 @@ int SSL_STSAFE_VerifyPeerCertCb(WOLFSSL* ssl, word32 pubKeyY_len = sizeof(pubKeyY); ecc_key key; word32 inOutIdx = 0; - StSafeA_CurveId curve_id; + StSafeA_CurveId curve_id = STSAFE_A_NIST_P_256; int ecc_curve; (void)ssl; @@ -170,7 +170,7 @@ int SSL_STSAFE_VerifyPeerCertCb(WOLFSSL* ssl, #ifdef USE_STSAFE_VERBOSE STSAFE_INTERFACE_PRINTF("stsafe_interface_verify error: %d\n", err); #endif - err = WC_HW_E; + err = -err; } } @@ -507,7 +507,7 @@ int wolfSSL_STSAFE_CryptoDevCb(int devId, wc_CryptoInfo* info, void* ctx) #ifdef USE_STSAFE_VERBOSE STSAFE_INTERFACE_PRINTF("stsafe_interface_verify error: %d\n", rc); #endif - rc = WC_HW_E; + rc = -rc; } } } diff --git a/wolfcrypt/src/tfm.c b/wolfcrypt/src/tfm.c index cbb28b6e5..a31c7baa1 100644 --- a/wolfcrypt/src/tfm.c +++ b/wolfcrypt/src/tfm.c @@ -3884,14 +3884,12 @@ void fp_set(fp_int *a, fp_digit b) #endif int fp_set_int(fp_int *a, unsigned long b) { - int x; - /* use direct fp_set if b is less than fp_digit max * If input max value of b down shift by 1 less than full range * fp_digit, then condition is always true. */ #if ((ULONG_MAX >> (DIGIT_BIT-1)) > 0) + int x; if (b < FP_DIGIT_MAX) -#endif { fp_set (a, (fp_digit)b); return FP_OKAY; @@ -3918,8 +3916,11 @@ int fp_set_int(fp_int *a, unsigned long b) /* clamp digits */ fp_clamp(a); - - return FP_OKAY; +#else + fp_set (a, (fp_digit)b); +#endif + + return FP_OKAY; } /* check if a bit is set */ diff --git a/wolfssl/test.h b/wolfssl/test.h index 537e0b54e..f282cb38a 100644 --- a/wolfssl/test.h +++ b/wolfssl/test.h @@ -2813,7 +2813,7 @@ static WC_INLINE int myVerify(int preverify, WOLFSSL_X509_STORE_CTX* store) wolfSSL_BIO_free(bio); } } - wolfSSL_sk_X509_free(sk); + wolfSSL_sk_X509_pop_free(sk, NULL); } #endif }