mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2025-07-31 19:24:42 +02:00
Merge pull request #8070 from JacobBarthelmeh/testing_static_memory
use heap hint with wolfSSL_CTX_check_private_key
This commit is contained in:
Daniel Pouzzner
GitHub
@@ -6347,7 +6347,7 @@ static int check_cert_key(DerBuffer* cert, DerBuffer* key, DerBuffer* altKey,
|
|||||||
if (ret == WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
|
if (ret == WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
|
||||||
#endif /* WOLF_PRIVATE_KEY_ID */
|
#endif /* WOLF_PRIVATE_KEY_ID */
|
||||||
{
|
{
|
||||||
ret = wc_CheckPrivateKeyCert(buff, size, der, 0);
|
ret = wc_CheckPrivateKeyCert(buff, size, der, 0, heap);
|
||||||
ret = (ret == 1) ? WOLFSSL_SUCCESS: WOLFSSL_FAILURE;
|
ret = (ret == 1) ? WOLFSSL_SUCCESS: WOLFSSL_FAILURE;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -6407,7 +6407,7 @@ static int check_cert_key(DerBuffer* cert, DerBuffer* key, DerBuffer* altKey,
|
|||||||
if (ret == WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
|
if (ret == WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
|
||||||
#endif /* WOLF_PRIVATE_KEY_ID */
|
#endif /* WOLF_PRIVATE_KEY_ID */
|
||||||
{
|
{
|
||||||
ret = wc_CheckPrivateKeyCert(buff, size, der, 1);
|
ret = wc_CheckPrivateKeyCert(buff, size, der, 1, heap);
|
||||||
ret = (ret == 1) ? WOLFSSL_SUCCESS: WOLFSSL_FAILURE;
|
ret = (ret == 1) ? WOLFSSL_SUCCESS: WOLFSSL_FAILURE;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -12984,7 +12984,7 @@ WOLFSSL_ASN1_OBJECT* wolfSSL_X509_NAME_ENTRY_get_object(
|
|||||||
#ifndef NO_CHECK_PRIVATE_KEY
|
#ifndef NO_CHECK_PRIVATE_KEY
|
||||||
return wc_CheckPrivateKey((byte*)key->pkey.ptr, key->pkey_sz,
|
return wc_CheckPrivateKey((byte*)key->pkey.ptr, key->pkey_sz,
|
||||||
x509->pubKey.buffer, x509->pubKey.length,
|
x509->pubKey.buffer, x509->pubKey.length,
|
||||||
(enum Key_Sum)x509->pubKeyOID) == 1 ?
|
(enum Key_Sum)x509->pubKeyOID, key->heap) == 1 ?
|
||||||
WOLFSSL_SUCCESS : WOLFSSL_FAILURE;
|
WOLFSSL_SUCCESS : WOLFSSL_FAILURE;
|
||||||
#else
|
#else
|
||||||
/* not compiled in */
|
/* not compiled in */
|
||||||
|
|||||||
@@ -7446,9 +7446,11 @@ int wc_CreatePKCS8Key(byte* out, word32* outSz, byte* key, word32 keySz,
|
|||||||
* privKeySz : size of private key buffer
|
* privKeySz : size of private key buffer
|
||||||
* pubKey : buffer holding DER format public key
|
* pubKey : buffer holding DER format public key
|
||||||
* pubKeySz : size of public key buffer
|
* pubKeySz : size of public key buffer
|
||||||
* ks : type of key */
|
* ks : type of key
|
||||||
|
* heap : heap hint to use */
|
||||||
int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz,
|
int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz,
|
||||||
const byte* pubKey, word32 pubKeySz, enum Key_Sum ks)
|
const byte* pubKey, word32 pubKeySz, enum Key_Sum ks,
|
||||||
|
void* heap)
|
||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
(void)privKeySz;
|
(void)privKeySz;
|
||||||
@@ -7485,14 +7487,14 @@ int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz,
|
|||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
if ((ret = wc_InitRsaKey(a, NULL)) < 0) {
|
if ((ret = wc_InitRsaKey(a, heap)) < 0) {
|
||||||
#ifdef WOLFSSL_SMALL_STACK
|
#ifdef WOLFSSL_SMALL_STACK
|
||||||
XFREE(b, NULL, DYNAMIC_TYPE_RSA);
|
XFREE(b, NULL, DYNAMIC_TYPE_RSA);
|
||||||
XFREE(a, NULL, DYNAMIC_TYPE_RSA);
|
XFREE(a, NULL, DYNAMIC_TYPE_RSA);
|
||||||
#endif
|
#endif
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
if ((ret = wc_InitRsaKey(b, NULL)) < 0) {
|
if ((ret = wc_InitRsaKey(b, heap)) < 0) {
|
||||||
wc_FreeRsaKey(a);
|
wc_FreeRsaKey(a);
|
||||||
#ifdef WOLFSSL_SMALL_STACK
|
#ifdef WOLFSSL_SMALL_STACK
|
||||||
XFREE(b, NULL, DYNAMIC_TYPE_RSA);
|
XFREE(b, NULL, DYNAMIC_TYPE_RSA);
|
||||||
@@ -7553,7 +7555,7 @@ int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz,
|
|||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
if ((ret = wc_ecc_init(key_pair)) < 0) {
|
if ((ret = wc_ecc_init_ex(key_pair, heap, INVALID_DEVID)) < 0) {
|
||||||
#ifdef WOLFSSL_SMALL_STACK
|
#ifdef WOLFSSL_SMALL_STACK
|
||||||
XFREE(privDer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
XFREE(privDer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
XFREE(key_pair, NULL, DYNAMIC_TYPE_ECC);
|
XFREE(key_pair, NULL, DYNAMIC_TYPE_ECC);
|
||||||
@@ -7571,7 +7573,7 @@ int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz,
|
|||||||
wc_MemZero_Add("wc_CheckPrivateKey privDer", privDer, privSz);
|
wc_MemZero_Add("wc_CheckPrivateKey privDer", privDer, privSz);
|
||||||
#endif
|
#endif
|
||||||
wc_ecc_free(key_pair);
|
wc_ecc_free(key_pair);
|
||||||
ret = wc_ecc_init(key_pair);
|
ret = wc_ecc_init_ex(key_pair, heap, INVALID_DEVID);
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
ret = wc_ecc_import_private_key(privDer,
|
ret = wc_ecc_import_private_key(privDer,
|
||||||
privSz, pubKey,
|
privSz, pubKey,
|
||||||
@@ -7622,7 +7624,7 @@ int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz,
|
|||||||
return MEMORY_E;
|
return MEMORY_E;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
if ((ret = wc_ed25519_init(key_pair)) < 0) {
|
if ((ret = wc_ed25519_init_ex(key_pair, heap, INVALID_DEVID)) < 0) {
|
||||||
#ifdef WOLFSSL_SMALL_STACK
|
#ifdef WOLFSSL_SMALL_STACK
|
||||||
XFREE(key_pair, NULL, DYNAMIC_TYPE_ED25519);
|
XFREE(key_pair, NULL, DYNAMIC_TYPE_ED25519);
|
||||||
#endif
|
#endif
|
||||||
@@ -7672,7 +7674,7 @@ int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz,
|
|||||||
return MEMORY_E;
|
return MEMORY_E;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
if ((ret = wc_ed448_init(key_pair)) < 0) {
|
if ((ret = wc_ed448_init_ex(key_pair, heap, INVALID_DEVID)) < 0) {
|
||||||
#ifdef WOLFSSL_SMALL_STACK
|
#ifdef WOLFSSL_SMALL_STACK
|
||||||
XFREE(key_pair, NULL, DYNAMIC_TYPE_ED448);
|
XFREE(key_pair, NULL, DYNAMIC_TYPE_ED448);
|
||||||
#endif
|
#endif
|
||||||
@@ -7919,6 +7921,7 @@ int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz,
|
|||||||
ret = 0;
|
ret = 0;
|
||||||
}
|
}
|
||||||
(void)ks;
|
(void)ks;
|
||||||
|
(void)heap;
|
||||||
|
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
@@ -7933,7 +7936,7 @@ int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz,
|
|||||||
* checkAlt : indicate if we check primary or alternative key
|
* checkAlt : indicate if we check primary or alternative key
|
||||||
*/
|
*/
|
||||||
int wc_CheckPrivateKeyCert(const byte* key, word32 keySz, DecodedCert* der,
|
int wc_CheckPrivateKeyCert(const byte* key, word32 keySz, DecodedCert* der,
|
||||||
int checkAlt)
|
int checkAlt, void* heap)
|
||||||
{
|
{
|
||||||
int ret = 0;
|
int ret = 0;
|
||||||
|
|
||||||
@@ -7947,7 +7950,7 @@ int wc_CheckPrivateKeyCert(const byte* key, word32 keySz, DecodedCert* der,
|
|||||||
word32 idx = 0;
|
word32 idx = 0;
|
||||||
/* Dilithium has the largest public key at the moment */
|
/* Dilithium has the largest public key at the moment */
|
||||||
word32 pubKeyLen = DILITHIUM_MAX_PUB_KEY_SIZE;
|
word32 pubKeyLen = DILITHIUM_MAX_PUB_KEY_SIZE;
|
||||||
byte* decodedPubKey = (byte*)XMALLOC(pubKeyLen, NULL,
|
byte* decodedPubKey = (byte*)XMALLOC(pubKeyLen, heap,
|
||||||
DYNAMIC_TYPE_PUBLIC_KEY);
|
DYNAMIC_TYPE_PUBLIC_KEY);
|
||||||
if (decodedPubKey == NULL) {
|
if (decodedPubKey == NULL) {
|
||||||
ret = MEMORY_E;
|
ret = MEMORY_E;
|
||||||
@@ -7966,15 +7969,15 @@ int wc_CheckPrivateKeyCert(const byte* key, word32 keySz, DecodedCert* der,
|
|||||||
}
|
}
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
ret = wc_CheckPrivateKey(key, keySz, decodedPubKey, pubKeyLen,
|
ret = wc_CheckPrivateKey(key, keySz, decodedPubKey, pubKeyLen,
|
||||||
(enum Key_Sum) der->sapkiOID);
|
(enum Key_Sum) der->sapkiOID, heap);
|
||||||
}
|
}
|
||||||
XFREE(decodedPubKey, NULL, DYNAMIC_TYPE_PUBLIC_KEY);
|
XFREE(decodedPubKey, heap, DYNAMIC_TYPE_PUBLIC_KEY);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
#endif
|
#endif
|
||||||
{
|
{
|
||||||
ret = wc_CheckPrivateKey(key, keySz, der->publicKey,
|
ret = wc_CheckPrivateKey(key, keySz, der->publicKey,
|
||||||
der->pubKeySize, (enum Key_Sum) der->keyOID);
|
der->pubKeySize, (enum Key_Sum) der->keyOID, heap);
|
||||||
}
|
}
|
||||||
|
|
||||||
(void)checkAlt;
|
(void)checkAlt;
|
||||||
|
|||||||
@@ -1112,7 +1112,7 @@ static WARN_UNUSED_RESULT int freeDecCertList(WC_DerCertList** list,
|
|||||||
|
|
||||||
InitDecodedCert(DeCert, current->buffer, current->bufferSz, heap);
|
InitDecodedCert(DeCert, current->buffer, current->bufferSz, heap);
|
||||||
if (ParseCertRelative(DeCert, CERT_TYPE, NO_VERIFY, NULL, NULL) == 0) {
|
if (ParseCertRelative(DeCert, CERT_TYPE, NO_VERIFY, NULL, NULL) == 0) {
|
||||||
if (wc_CheckPrivateKeyCert(*pkey, *pkeySz, DeCert, 0) == 1) {
|
if (wc_CheckPrivateKeyCert(*pkey, *pkeySz, DeCert, 0, heap) == 1) {
|
||||||
WOLFSSL_MSG("Key Pair found");
|
WOLFSSL_MSG("Key Pair found");
|
||||||
*cert = current->buffer;
|
*cert = current->buffer;
|
||||||
*certSz = current->bufferSz;
|
*certSz = current->bufferSz;
|
||||||
|
|||||||
@@ -2382,9 +2382,11 @@ WOLFSSL_LOCAL int GetNameHash(const byte* source, word32* idx, byte* hash,
|
|||||||
WOLFSSL_LOCAL int GetNameHash_ex(const byte* source, word32* idx, byte* hash,
|
WOLFSSL_LOCAL int GetNameHash_ex(const byte* source, word32* idx, byte* hash,
|
||||||
int maxIdx, word32 sigOID);
|
int maxIdx, word32 sigOID);
|
||||||
WOLFSSL_LOCAL int wc_CheckPrivateKeyCert(const byte* key, word32 keySz,
|
WOLFSSL_LOCAL int wc_CheckPrivateKeyCert(const byte* key, word32 keySz,
|
||||||
DecodedCert* der, int checkAlt);
|
DecodedCert* der, int checkAlt,
|
||||||
|
void* heap);
|
||||||
WOLFSSL_LOCAL int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz,
|
WOLFSSL_LOCAL int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz,
|
||||||
const byte* pubKey, word32 pubKeySz, enum Key_Sum ks);
|
const byte* pubKey, word32 pubKeySz,
|
||||||
|
enum Key_Sum ks, void* heap);
|
||||||
WOLFSSL_LOCAL int StoreDHparams(byte* out, word32* outLen, mp_int* p, mp_int* g);
|
WOLFSSL_LOCAL int StoreDHparams(byte* out, word32* outLen, mp_int* p, mp_int* g);
|
||||||
#ifdef WOLFSSL_DH_EXTRA
|
#ifdef WOLFSSL_DH_EXTRA
|
||||||
WOLFSSL_API int wc_DhPublicKeyDecode(const byte* input, word32* inOutIdx,
|
WOLFSSL_API int wc_DhPublicKeyDecode(const byte* input, word32* inOutIdx,
|
||||||
|
|||||||
Reference in New Issue
Block a user