mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-08 02:30:48 +02:00
revise static memory and update heap hint
This commit is contained in:
+1
-26
@@ -2554,32 +2554,7 @@ AC_ARG_ENABLE([staticmemory],
|
||||
|
||||
if test "x$ENABLED_STATICMEMORY" = "xyes"
|
||||
then
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_STATIC_MEMORY -DWOLFSSL_STATIC_MEMORY_MEDIUM"
|
||||
fi
|
||||
|
||||
if test "x$ENABLED_STATICMEMORY" = "xnone"
|
||||
then
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_STATIC_MEMORY"
|
||||
fi
|
||||
|
||||
if test "x$ENABLED_STATICMEMORY" = "xsmall"
|
||||
then
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_STATIC_MEMORY -DWOLFSSL_STATIC_MEMORY_SMALL"
|
||||
fi
|
||||
|
||||
if test "x$ENABLED_STATICMEMORY" = "xmedium"
|
||||
then
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_STATIC_MEMORY -DWOLFSSL_STATIC_MEMORY_MEDIUM"
|
||||
fi
|
||||
|
||||
if test "x$ENABLED_STATICMEMORY" = "xlarge"
|
||||
then
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_STATIC_MEMORY -DWOLFSSL_STATIC_MEMORY_LARGE"
|
||||
fi
|
||||
|
||||
if test "x$ENABLED_STATICMEMORY" = "xhuge"
|
||||
then
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_STATIC_MEMORY -DWOLFSSL_STATIC_MEMORY_HUGE"
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_STATIC_MEMORY -DTFM_TIMING_RESISTANT"
|
||||
fi
|
||||
|
||||
|
||||
|
||||
@@ -980,7 +980,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
|
||||
}
|
||||
}
|
||||
|
||||
#ifdef USE_WOLFSSL_MEMORY
|
||||
#if defined(USE_WOLFSSL_MEMORY) && !defined(WOLFSSL_STATIC_MEMORY)
|
||||
if (trackMemory)
|
||||
InitMemoryTracker();
|
||||
#endif
|
||||
@@ -1615,7 +1615,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
|
||||
|
||||
((func_args*)args)->return_code = 0;
|
||||
|
||||
#ifdef USE_WOLFSSL_MEMORY
|
||||
#if defined(USE_WOLFSSL_MEMORY) && !defined(WOLFSSL_STATIC_MEMORY)
|
||||
if (trackMemory)
|
||||
ShowMemoryTracker();
|
||||
#endif /* USE_WOLFSSL_MEMORY */
|
||||
|
||||
@@ -252,7 +252,11 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
|
||||
SOCKET_T sockfd = WOLFSSL_SOCKET_INVALID;
|
||||
SOCKET_T clientfd = WOLFSSL_SOCKET_INVALID;
|
||||
|
||||
#ifdef WOLFSSL_STATIC_MEMORY
|
||||
wolfSSLStaticMethod method = NULL;
|
||||
#else
|
||||
SSL_METHOD* method = 0;
|
||||
#endif
|
||||
SSL_CTX* ctx = 0;
|
||||
SSL* ssl = 0;
|
||||
|
||||
@@ -319,6 +323,16 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
|
||||
const char* wnrConfigFile = wnrConfig;
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_STATIC_MEMORY
|
||||
#if defined(HAVE_ECC) && !defined(ALT_ECC_SIZE)
|
||||
byte memory[200000];
|
||||
#else
|
||||
byte memory[80000];
|
||||
#endif
|
||||
byte memoryIO[34500]; /* max of 17k for IO buffer (TLS packet can be 16k) */
|
||||
WOLFSSL_MEM_CONN_STATS ssl_stats;
|
||||
#endif
|
||||
|
||||
((func_args*)args)->return_code = -1; /* error state */
|
||||
|
||||
#ifdef NO_RSA
|
||||
@@ -560,7 +574,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
|
||||
}
|
||||
}
|
||||
|
||||
#ifdef USE_CYASSL_MEMORY
|
||||
#if defined(USE_CYASSL_MEMORY) && !defined(WOLFSSL_STATIC_MEMORY)
|
||||
if (trackMemory)
|
||||
InitMemoryTracker();
|
||||
#endif
|
||||
@@ -574,18 +588,30 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
|
||||
#ifndef NO_OLD_TLS
|
||||
#ifdef WOLFSSL_ALLOW_SSLV3
|
||||
case 0:
|
||||
#ifdef WOLFSSL_STATIC_MEMORY
|
||||
method = wolfSSLv3_server_static;
|
||||
#else
|
||||
method = SSLv3_server_method();
|
||||
#endif
|
||||
break;
|
||||
#endif
|
||||
|
||||
#ifndef NO_TLS
|
||||
case 1:
|
||||
#ifdef WOLFSSL_STATIC_MEMORY
|
||||
method = wolfTLSv1_server_static;
|
||||
#else
|
||||
method = TLSv1_server_method();
|
||||
#endif
|
||||
break;
|
||||
|
||||
|
||||
case 2:
|
||||
#ifdef WOLFSSL_STATIC_MEMORY
|
||||
method = wolfTLSv1_1_server_static;
|
||||
#else
|
||||
method = TLSv1_1_server_method();
|
||||
#endif
|
||||
break;
|
||||
|
||||
#endif
|
||||
@@ -593,19 +619,31 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
|
||||
|
||||
#ifndef NO_TLS
|
||||
case 3:
|
||||
#ifdef WOLFSSL_STATIC_MEMORY
|
||||
method = wolfTLSv1_2_server_static;
|
||||
#else
|
||||
method = TLSv1_2_server_method();
|
||||
#endif
|
||||
break;
|
||||
#endif
|
||||
|
||||
#ifdef CYASSL_DTLS
|
||||
#ifndef NO_OLD_TLS
|
||||
case -1:
|
||||
#ifdef WOLFSSL_STATIC_MEMORY
|
||||
method = wolfDTLSv1_server_static;
|
||||
#else
|
||||
method = DTLSv1_server_method();
|
||||
#endif
|
||||
break;
|
||||
#endif
|
||||
|
||||
case -2:
|
||||
#ifdef WOLFSSL_STATIC_MEMORY
|
||||
method = wolfDTLSv1_2_server_static;
|
||||
#else
|
||||
method = DTLSv1_2_server_method();
|
||||
#endif
|
||||
break;
|
||||
#endif
|
||||
|
||||
@@ -616,7 +654,19 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
|
||||
if (method == NULL)
|
||||
err_sys("unable to get method");
|
||||
|
||||
#ifdef WOLFSSL_STATIC_MEMORY
|
||||
if (wolfSSL_CTX_load_static_memory(&ctx, method, memory, sizeof(memory),0,1)
|
||||
!= SSL_SUCCESS)
|
||||
err_sys("unable to load static memory and create ctx");
|
||||
|
||||
/* load in a buffer for IO */
|
||||
if (wolfSSL_CTX_load_static_memory(&ctx, NULL, memoryIO, sizeof(memoryIO),
|
||||
WOLFMEM_IO_POOL_FIXED | WOLFMEM_TRACK_STATS, 1)
|
||||
!= SSL_SUCCESS)
|
||||
err_sys("unable to load static memory and create ctx");
|
||||
#else
|
||||
ctx = SSL_CTX_new(method);
|
||||
#endif
|
||||
if (ctx == NULL)
|
||||
err_sys("unable to get ctx");
|
||||
|
||||
@@ -783,11 +833,32 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
|
||||
err_sys("tcp accept failed");
|
||||
}
|
||||
}
|
||||
#if defined(WOLFSSL_STATIC_MEMORY) && defined(DEBUG_WOLFSSL)
|
||||
{
|
||||
WOLFSSL_MEM_STATS mem_stats;
|
||||
fprintf(stderr, "Before creating SSL\n");
|
||||
if (wolfSSL_CTX_is_static_memory(ctx, &mem_stats) != 1)
|
||||
err_sys("ctx not using static memory");
|
||||
if (wolfSSL_PrintStats(&mem_stats) != 1) /* function in test.h */
|
||||
err_sys("error printing out memory stats");
|
||||
}
|
||||
#endif
|
||||
|
||||
ssl = SSL_new(ctx);
|
||||
if (ssl == NULL)
|
||||
err_sys("unable to get SSL");
|
||||
|
||||
#if defined(WOLFSSL_STATIC_MEMORY) && defined(DEBUG_WOLFSSL)
|
||||
{
|
||||
WOLFSSL_MEM_STATS mem_stats;
|
||||
fprintf(stderr, "After creating SSL\n");
|
||||
if (wolfSSL_CTX_is_static_memory(ctx, &mem_stats) != 1)
|
||||
err_sys("ctx not using static memory");
|
||||
if (wolfSSL_PrintStats(&mem_stats) != 1) /* function in test.h */
|
||||
err_sys("error printing out memory stats");
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifndef NO_HANDSHAKE_DONE_CB
|
||||
wolfSSL_SetHsDoneCb(ssl, myHsDoneCb, NULL);
|
||||
#endif
|
||||
@@ -972,6 +1043,20 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
|
||||
if (wc_shutdown && ret == SSL_SHUTDOWN_NOT_DONE)
|
||||
SSL_shutdown(ssl); /* bidirectional shutdown */
|
||||
}
|
||||
/* display collected statistics */
|
||||
#ifdef WOLFSSL_STATIC_MEMORY
|
||||
if (wolfSSL_is_static_memory(ssl, &ssl_stats) != 1)
|
||||
err_sys("static memory was not used with ssl");
|
||||
|
||||
fprintf(stderr, "\nprint off SSL memory stats\n");
|
||||
fprintf(stderr, "peak connection memory = %d\n", ssl_stats.peakMem);
|
||||
fprintf(stderr, "current memory in use = %d\n", ssl_stats.curMem);
|
||||
fprintf(stderr, "peak connection allocs = %d\n", ssl_stats.peakAlloc);
|
||||
fprintf(stderr, "current connection allocs = %d\n",ssl_stats.curAlloc);
|
||||
fprintf(stderr, "total connection allocs = %d\n",ssl_stats.totalAlloc);
|
||||
fprintf(stderr, "total connection frees = %d\n\n", ssl_stats.totalFr);
|
||||
|
||||
#endif
|
||||
SSL_free(ssl);
|
||||
|
||||
CloseSocket(clientfd);
|
||||
@@ -987,6 +1072,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
|
||||
}
|
||||
} /* while(1) */
|
||||
|
||||
|
||||
CloseSocket(sockfd);
|
||||
SSL_CTX_free(ctx);
|
||||
|
||||
@@ -998,7 +1084,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
|
||||
ecc_fp_free(); /* free per thread cache */
|
||||
#endif
|
||||
|
||||
#ifdef USE_WOLFSSL_MEMORY
|
||||
#if defined(USE_WOLFSSL_MEMORY) && !defined(WOLFSSL_STATIC_MEMORY)
|
||||
if (trackMemory)
|
||||
ShowMemoryTracker();
|
||||
#endif
|
||||
|
||||
@@ -51,6 +51,12 @@ int InitCRL(WOLFSSL_CRL* crl, WOLFSSL_CERT_MANAGER* cm)
|
||||
{
|
||||
WOLFSSL_ENTER("InitCRL");
|
||||
|
||||
/* default heap hint to null or test value */
|
||||
#ifdef WOLFSSL_HEAP_TEST
|
||||
crl->heap = (void*)WOLFSSL_HEAP_TEST;
|
||||
#else
|
||||
crl->heap = NULL;
|
||||
#endif
|
||||
crl->cm = cm;
|
||||
crl->crlList = NULL;
|
||||
crl->monitors[0].path = NULL;
|
||||
@@ -233,7 +239,7 @@ static int AddCRL(WOLFSSL_CRL* crl, DecodedCRL* dcrl)
|
||||
|
||||
WOLFSSL_ENTER("AddCRL");
|
||||
|
||||
crle = (CRL_Entry*)XMALLOC(sizeof(CRL_Entry), NULL, DYNAMIC_TYPE_CRL_ENTRY);
|
||||
crle = (CRL_Entry*)XMALLOC(sizeof(CRL_Entry), crl->heap, DYNAMIC_TYPE_CRL_ENTRY);
|
||||
if (crle == NULL) {
|
||||
WOLFSSL_MSG("alloc CRL Entry failed");
|
||||
return -1;
|
||||
@@ -241,14 +247,14 @@ static int AddCRL(WOLFSSL_CRL* crl, DecodedCRL* dcrl)
|
||||
|
||||
if (InitCRL_Entry(crle, dcrl) < 0) {
|
||||
WOLFSSL_MSG("Init CRL Entry failed");
|
||||
XFREE(crle, NULL, DYNAMIC_TYPE_CRL_ENTRY);
|
||||
XFREE(crle, crl->heap, DYNAMIC_TYPE_CRL_ENTRY);
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (LockMutex(&crl->crlLock) != 0) {
|
||||
WOLFSSL_MSG("LockMutex failed");
|
||||
FreeCRL_Entry(crle);
|
||||
XFREE(crle, NULL, DYNAMIC_TYPE_CRL_ENTRY);
|
||||
XFREE(crle, crl->heap, DYNAMIC_TYPE_CRL_ENTRY);
|
||||
return BAD_MUTEX_E;
|
||||
}
|
||||
crle->next = crl->crlList;
|
||||
@@ -865,7 +871,7 @@ int LoadCRL(WOLFSSL_CRL* crl, const char* path, int type, int monitor)
|
||||
WOLFSSL_MSG("monitor path requested");
|
||||
|
||||
pathLen = (word32)XSTRLEN(path);
|
||||
pathBuf = (char*)XMALLOC(pathLen+1, NULL, DYNAMIC_TYPE_CRL_MONITOR);
|
||||
pathBuf = (char*)XMALLOC(pathLen+1, crl->heap,DYNAMIC_TYPE_CRL_MONITOR);
|
||||
if (pathBuf) {
|
||||
XSTRNCPY(pathBuf, path, pathLen);
|
||||
pathBuf[pathLen] = '\0'; /* Null Terminate */
|
||||
|
||||
+262
-91
@@ -1285,7 +1285,7 @@ void InitSSL_Method(WOLFSSL_METHOD* method, ProtocolVersion pv)
|
||||
|
||||
|
||||
/* Initialize SSL context, return 0 on success */
|
||||
int InitSSL_Ctx(WOLFSSL_CTX* ctx, WOLFSSL_METHOD* method)
|
||||
int InitSSL_Ctx(WOLFSSL_CTX* ctx, WOLFSSL_METHOD* method, void* heap)
|
||||
{
|
||||
XMEMSET(ctx, 0, sizeof(WOLFSSL_CTX));
|
||||
|
||||
@@ -1345,7 +1345,7 @@ int InitSSL_Ctx(WOLFSSL_CTX* ctx, WOLFSSL_METHOD* method)
|
||||
#endif
|
||||
|
||||
#ifndef NO_CERTS
|
||||
ctx->cm = wolfSSL_CertManagerNew();
|
||||
ctx->cm = wolfSSL_CertManagerNew_ex(heap);
|
||||
if (ctx->cm == NULL) {
|
||||
WOLFSSL_MSG("Bad Cert Manager New");
|
||||
return BAD_CERT_MANAGER_ERROR;
|
||||
@@ -1366,6 +1366,17 @@ int InitSSL_Ctx(WOLFSSL_CTX* ctx, WOLFSSL_METHOD* method)
|
||||
#endif
|
||||
#endif /* HAVE_WOLF_EVENT */
|
||||
|
||||
#ifdef WOLFSSL_STATIC_MEMORY
|
||||
#ifdef WOLFSSL_HEAP_TEST
|
||||
if (heap == NULL) {
|
||||
ctx->heap = (void*)WOLFSSL_HEAP_TEST;
|
||||
}
|
||||
else
|
||||
#endif
|
||||
ctx->heap = heap; /* wolfSSL_CTX_load_static_memory sets */
|
||||
#endif /* WOLFSSL_STATIC_MEMORY */
|
||||
(void)heap;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
@@ -1414,7 +1425,7 @@ void SSL_CtxResourceFree(WOLFSSL_CTX* ctx)
|
||||
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
|
||||
if (ctx->certOcspRequest) {
|
||||
FreeOcspRequest(ctx->certOcspRequest);
|
||||
XFREE(ctx->certOcspRequest, NULL, DYNAMIC_TYPE_OCSP_REQUEST);
|
||||
XFREE(ctx->certOcspRequest, ctx->heap, DYNAMIC_TYPE_OCSP_REQUEST);
|
||||
}
|
||||
#endif
|
||||
|
||||
@@ -1422,7 +1433,7 @@ void SSL_CtxResourceFree(WOLFSSL_CTX* ctx)
|
||||
for (i = 0; i < MAX_CHAIN_DEPTH; i++) {
|
||||
if (ctx->chainOcspRequest[i]) {
|
||||
FreeOcspRequest(ctx->chainOcspRequest[i]);
|
||||
XFREE(ctx->chainOcspRequest[i], NULL, DYNAMIC_TYPE_OCSP_REQUEST);
|
||||
XFREE(ctx->chainOcspRequest[i], ctx->heap, DYNAMIC_TYPE_OCSP_REQUEST);
|
||||
}
|
||||
}
|
||||
#endif
|
||||
@@ -1430,6 +1441,18 @@ void SSL_CtxResourceFree(WOLFSSL_CTX* ctx)
|
||||
#endif /* NO_WOLFSSL_SERVER */
|
||||
|
||||
#endif /* HAVE_TLS_EXTENSIONS */
|
||||
#ifdef WOLFSSL_STATIC_MEMORY
|
||||
if (ctx->heap != NULL) {
|
||||
#ifdef WOLFSSL_HEAP_TEST
|
||||
if (ctx->heap != (void*)WOLFSSL_HEAP_TEST) {
|
||||
#endif
|
||||
WOLFSSL_HEAP_HINT* hint = (WOLFSSL_HEAP_HINT*)(ctx->heap);
|
||||
FreeMutex(&((WOLFSSL_HEAP*)(hint->memory))->memory_mutex);
|
||||
#ifdef WOLFSSL_HEAP_TEST
|
||||
}
|
||||
#endif
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
||||
|
||||
@@ -2465,22 +2488,24 @@ void InitX509Name(WOLFSSL_X509_NAME* name, int dynamicFlag)
|
||||
}
|
||||
|
||||
|
||||
void FreeX509Name(WOLFSSL_X509_NAME* name)
|
||||
void FreeX509Name(WOLFSSL_X509_NAME* name, void* heap)
|
||||
{
|
||||
if (name != NULL) {
|
||||
if (name->dynamicName)
|
||||
XFREE(name->name, NULL, DYNAMIC_TYPE_SUBJECT_CN);
|
||||
XFREE(name->name, heap, DYNAMIC_TYPE_SUBJECT_CN);
|
||||
#ifdef OPENSSL_EXTRA
|
||||
if (name->fullName.fullName != NULL)
|
||||
XFREE(name->fullName.fullName, NULL, DYNAMIC_TYPE_X509);
|
||||
XFREE(name->fullName.fullName, heap, DYNAMIC_TYPE_X509);
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
}
|
||||
(void)heap;
|
||||
}
|
||||
|
||||
|
||||
/* Initialize wolfSSL X509 type */
|
||||
void InitX509(WOLFSSL_X509* x509, int dynamicFlag)
|
||||
void InitX509(WOLFSSL_X509* x509, int dynamicFlag, void* heap)
|
||||
{
|
||||
x509->heap = heap;
|
||||
InitX509Name(&x509->issuer, 0);
|
||||
InitX509Name(&x509->subject, 0);
|
||||
x509->version = 0;
|
||||
@@ -2526,15 +2551,15 @@ void FreeX509(WOLFSSL_X509* x509)
|
||||
if (x509 == NULL)
|
||||
return;
|
||||
|
||||
FreeX509Name(&x509->issuer);
|
||||
FreeX509Name(&x509->subject);
|
||||
FreeX509Name(&x509->issuer, x509->heap);
|
||||
FreeX509Name(&x509->subject, x509->heap);
|
||||
if (x509->pubKey.buffer)
|
||||
XFREE(x509->pubKey.buffer, NULL, DYNAMIC_TYPE_PUBLIC_KEY);
|
||||
XFREE(x509->pubKey.buffer, x509->heap, DYNAMIC_TYPE_PUBLIC_KEY);
|
||||
FreeDer(&x509->derCert);
|
||||
XFREE(x509->sig.buffer, NULL, DYNAMIC_TYPE_SIGNATURE);
|
||||
XFREE(x509->sig.buffer, x509->heap, DYNAMIC_TYPE_SIGNATURE);
|
||||
#ifdef OPENSSL_EXTRA
|
||||
XFREE(x509->authKeyId, NULL, DYNAMIC_TYPE_X509_EXT);
|
||||
XFREE(x509->subjKeyId, NULL, DYNAMIC_TYPE_X509_EXT);
|
||||
XFREE(x509->authKeyId, x509->heap, DYNAMIC_TYPE_X509_EXT);
|
||||
XFREE(x509->subjKeyId, x509->heap, DYNAMIC_TYPE_X509_EXT);
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
if (x509->altNames)
|
||||
FreeAltNames(x509->altNames, NULL);
|
||||
@@ -3021,7 +3046,6 @@ int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx)
|
||||
ssl->options.failNoCertxPSK = ctx->failNoCertxPSK;
|
||||
ssl->options.sendVerify = ctx->sendVerify;
|
||||
|
||||
ssl->heap = ctx->heap; /* defaults to self */
|
||||
ssl->options.partialWrite = ctx->partialWrite;
|
||||
ssl->options.quietShutdown = ctx->quietShutdown;
|
||||
ssl->options.groupMessages = ctx->groupMessages;
|
||||
@@ -3098,6 +3122,85 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx)
|
||||
|
||||
XMEMSET(ssl, 0, sizeof(WOLFSSL));
|
||||
|
||||
#if defined(WOLFSSL_STATIC_MEMORY)
|
||||
if (ctx->heap != NULL) {
|
||||
WOLFSSL_HEAP_HINT* ssl_hint;
|
||||
WOLFSSL_HEAP_HINT* ctx_hint;
|
||||
|
||||
/* avoid derefrencing a test value */
|
||||
#ifdef WOLFSSL_HEAP_TEST
|
||||
if (ctx->heap == (void*)WOLFSSL_HEAP_TEST) {
|
||||
ssl->heap = ctx->heap;
|
||||
}
|
||||
else {
|
||||
#endif
|
||||
ctx_hint = ((WOLFSSL_HEAP_HINT*)(ctx->heap));
|
||||
/* lock and check IO count / handshake count */
|
||||
if (LockMutex(&(ctx_hint->memory->memory_mutex)) != 0) {
|
||||
WOLFSSL_MSG("Bad memory_mutex lock");
|
||||
return BAD_MUTEX_E;
|
||||
}
|
||||
if (ctx_hint->memory->maxHa <= ctx_hint->memory->curHa) {
|
||||
WOLFSSL_MSG("At max number of handshakes for static memory");
|
||||
return MEMORY_E;
|
||||
}
|
||||
ctx_hint->memory->curHa++;
|
||||
|
||||
if (ctx_hint->memory->maxIO <= ctx_hint->memory->curIO) {
|
||||
WOLFSSL_MSG("At max number of IO allowed for static memory");
|
||||
return MEMORY_E;
|
||||
}
|
||||
ctx_hint->memory->curIO++;
|
||||
UnLockMutex(&(ctx_hint->memory->memory_mutex));
|
||||
|
||||
ssl->heap = (WOLFSSL_HEAP_HINT*)XMALLOC(sizeof(WOLFSSL_HEAP_HINT),
|
||||
ctx->heap, DYNAMIC_TYPE_SSL);
|
||||
if (ssl->heap == NULL) {
|
||||
return MEMORY_E;
|
||||
}
|
||||
XMEMSET(ssl->heap, 0, sizeof(WOLFSSL_HEAP_HINT));
|
||||
ssl_hint = ((WOLFSSL_HEAP_HINT*)(ssl->heap));
|
||||
ssl_hint->memory = ctx_hint->memory;
|
||||
|
||||
/* check if tracking stats */
|
||||
if (ctx_hint->memory->flag & WOLFMEM_TRACK_STATS) {
|
||||
ssl_hint->stats = (WOLFSSL_MEM_CONN_STATS*)XMALLOC(
|
||||
sizeof(WOLFSSL_MEM_CONN_STATS), ctx->heap, DYNAMIC_TYPE_SSL);
|
||||
if (ssl_hint->stats == NULL) {
|
||||
return MEMORY_E;
|
||||
}
|
||||
XMEMSET(ssl_hint->stats, 0, sizeof(WOLFSSL_MEM_CONN_STATS));
|
||||
}
|
||||
|
||||
/* check if using fixed IO buffers */
|
||||
if (ctx_hint->memory->flag & WOLFMEM_IO_POOL_FIXED) {
|
||||
if (LockMutex(&(ctx_hint->memory->memory_mutex)) != 0) {
|
||||
WOLFSSL_MSG("Bad memory_mutex lock");
|
||||
return BAD_MUTEX_E;
|
||||
}
|
||||
if (SetFixedIO(ctx_hint->memory, &(ssl_hint->inBuf)) != 1) {
|
||||
return MEMORY_E;
|
||||
}
|
||||
if (SetFixedIO(ctx_hint->memory, &(ssl_hint->outBuf)) != 1) {
|
||||
return MEMORY_E;
|
||||
}
|
||||
if (ssl_hint->outBuf == NULL || ssl_hint->inBuf == NULL) {
|
||||
WOLFSSL_MSG("Not enough memory to create fixed IO buffers");
|
||||
return MEMORY_E;
|
||||
}
|
||||
UnLockMutex(&(ctx_hint->memory->memory_mutex));
|
||||
}
|
||||
#ifdef WOLFSSL_HEAP_TEST
|
||||
}
|
||||
#endif
|
||||
}
|
||||
else {
|
||||
ssl->heap = ctx->heap;
|
||||
}
|
||||
#else
|
||||
ssl->heap = ctx->heap; /* carry over user heap without static memory */
|
||||
#endif
|
||||
|
||||
ssl->buffers.inputBuffer.buffer = ssl->buffers.inputBuffer.staticBuffer;
|
||||
ssl->buffers.inputBuffer.bufferSize = STATIC_BUFFER_LEN;
|
||||
|
||||
@@ -3105,7 +3208,7 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx)
|
||||
ssl->buffers.outputBuffer.bufferSize = STATIC_BUFFER_LEN;
|
||||
|
||||
#if defined(KEEP_PEER_CERT) || defined(GOAHEAD_WS)
|
||||
InitX509(&ssl->peerCert, 0);
|
||||
InitX509(&ssl->peerCert, 0, ssl->heap);
|
||||
#endif
|
||||
|
||||
ssl->rfd = -1; /* set to invalid descriptor */
|
||||
@@ -3237,7 +3340,7 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx)
|
||||
return MEMORY_E;
|
||||
}
|
||||
|
||||
if ( (ret = wc_InitRng(ssl->rng)) != 0) {
|
||||
if ( (ret = wc_InitRng_ex(ssl->rng, ssl->heap)) != 0) {
|
||||
WOLFSSL_MSG("RNG Init error");
|
||||
return ret;
|
||||
}
|
||||
@@ -3285,7 +3388,7 @@ static void FreeKeyExchange(WOLFSSL* ssl)
|
||||
{
|
||||
/* Cleanup signature buffer */
|
||||
if (ssl->buffers.sig.buffer) {
|
||||
XFREE(ssl->buffers.sig.buffer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(ssl->buffers.sig.buffer, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
ssl->buffers.sig.buffer = NULL;
|
||||
ssl->buffers.sig.length = 0;
|
||||
}
|
||||
@@ -3298,7 +3401,7 @@ static void FreeKeyExchange(WOLFSSL* ssl)
|
||||
case DYNAMIC_TYPE_RSA:
|
||||
{
|
||||
wc_FreeRsaKey((RsaKey*)ssl->sigKey);
|
||||
XFREE(ssl->sigKey, NULL, DYNAMIC_TYPE_RSA);
|
||||
XFREE(ssl->sigKey, ssl->heap, DYNAMIC_TYPE_RSA);
|
||||
break;
|
||||
}
|
||||
#endif /* ! NO_RSA */
|
||||
@@ -3306,7 +3409,7 @@ static void FreeKeyExchange(WOLFSSL* ssl)
|
||||
case DYNAMIC_TYPE_ECC:
|
||||
{
|
||||
wc_ecc_free((ecc_key*)ssl->sigKey);
|
||||
XFREE(ssl->sigKey, NULL, DYNAMIC_TYPE_ECC);
|
||||
XFREE(ssl->sigKey, ssl->heap, DYNAMIC_TYPE_ECC);
|
||||
break;
|
||||
}
|
||||
#endif /* HAVE_ECC */
|
||||
@@ -3418,7 +3521,7 @@ void SSL_ResourceFree(WOLFSSL* ssl)
|
||||
|
||||
#ifdef HAVE_ALPN
|
||||
if (ssl->alpn_client_list != NULL) {
|
||||
XFREE(ssl->alpn_client_list, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(ssl->alpn_client_list, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
ssl->alpn_client_list = NULL;
|
||||
}
|
||||
#endif
|
||||
@@ -3439,6 +3542,35 @@ void SSL_ResourceFree(WOLFSSL* ssl)
|
||||
ssl->session.ticketLen = 0;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_STATIC_MEMORY
|
||||
/* check if using fixed io buffers and free them */
|
||||
if (ssl->heap != NULL) {
|
||||
#ifdef WOLFSSL_HEAP_TEST
|
||||
if (ssl->heap != (void*)WOLFSSL_HEAP_TEST) {
|
||||
#endif
|
||||
WOLFSSL_HEAP_HINT* ssl_hint = (WOLFSSL_HEAP_HINT*)ssl->heap;
|
||||
WOLFSSL_HEAP* ctx_heap;
|
||||
|
||||
ctx_heap = ssl_hint->memory;
|
||||
ctx_heap->curIO--;
|
||||
if (FreeFixedIO(ctx_heap, &(ssl_hint->outBuf)) != 1) {
|
||||
WOLFSSL_MSG("Error freeing fixed output buffer");
|
||||
}
|
||||
if (FreeFixedIO(ctx_heap, &(ssl_hint->inBuf)) != 1) {
|
||||
WOLFSSL_MSG("Error freeing fixed output buffer");
|
||||
}
|
||||
|
||||
/* check if tracking stats */
|
||||
if (ctx_heap->flag & WOLFMEM_TRACK_STATS) {
|
||||
XFREE(ssl_hint->stats, ssl->ctx->heap, DYNAMIC_TYPE_SSL);
|
||||
}
|
||||
XFREE(ssl->heap, ssl_hint, DYNAMIC_TYPE_SSL);
|
||||
#ifdef WOLFSSL_HEAP_TEST
|
||||
}
|
||||
#endif
|
||||
}
|
||||
#endif /* WOLFSSL_STATIC_MEMORY */
|
||||
}
|
||||
|
||||
#ifdef WOLFSSL_TI_HASH
|
||||
@@ -3586,16 +3718,38 @@ void FreeHandshakeResources(WOLFSSL* ssl)
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_STATIC_MEMORY
|
||||
/* when done with handshake decrement current handshake count */
|
||||
if (ssl->heap != NULL) {
|
||||
#ifdef WOLFSSL_HEAP_TEST
|
||||
if (ssl->heap != (void*)WOLFSSL_HEAP_TEST) {
|
||||
#endif
|
||||
WOLFSSL_HEAP_HINT* ssl_hint = (WOLFSSL_HEAP_HINT*)ssl->heap;
|
||||
WOLFSSL_HEAP* ctx_heap;
|
||||
|
||||
ctx_heap = ssl_hint->memory;
|
||||
if (LockMutex(&(ctx_heap->memory_mutex)) != 0) {
|
||||
WOLFSSL_MSG("Bad memory_mutex lock");
|
||||
}
|
||||
ctx_heap->curHa--;
|
||||
UnLockMutex(&(ctx_heap->memory_mutex));
|
||||
#ifdef WOLFSSL_HEAP_TEST
|
||||
}
|
||||
#endif
|
||||
}
|
||||
#endif /* WOLFSSL_STATIC_MEMORY */
|
||||
}
|
||||
|
||||
|
||||
void FreeSSL(WOLFSSL* ssl)
|
||||
/* heap argument is the heap hint used when creating SSL */
|
||||
void FreeSSL(WOLFSSL* ssl, void* heap)
|
||||
{
|
||||
if (ssl->ctx) {
|
||||
FreeSSL_Ctx(ssl->ctx); /* will decrement and free underyling CTX if 0 */
|
||||
}
|
||||
SSL_ResourceFree(ssl);
|
||||
XFREE(ssl, ssl->heap, DYNAMIC_TYPE_SSL);
|
||||
XFREE(ssl, heap, DYNAMIC_TYPE_SSL);
|
||||
(void)heap;
|
||||
}
|
||||
|
||||
|
||||
@@ -5653,7 +5807,8 @@ int CopyDecodedToX509(WOLFSSL_X509* x509, DecodedCert* dCert)
|
||||
XMEMCPY(&x509->issuer.fullName,
|
||||
&dCert->issuerName, sizeof(DecodedName));
|
||||
x509->issuer.fullName.fullName = (char*)XMALLOC(
|
||||
dCert->issuerName.fullNameLen, NULL, DYNAMIC_TYPE_X509);
|
||||
dCert->issuerName.fullNameLen, x509->heap,
|
||||
DYNAMIC_TYPE_X509);
|
||||
if (x509->issuer.fullName.fullName != NULL)
|
||||
XMEMCPY(x509->issuer.fullName.fullName,
|
||||
dCert->issuerName.fullName, dCert->issuerName.fullNameLen);
|
||||
@@ -5669,7 +5824,7 @@ int CopyDecodedToX509(WOLFSSL_X509* x509, DecodedCert* dCert)
|
||||
XMEMCPY(&x509->subject.fullName,
|
||||
&dCert->subjectName, sizeof(DecodedName));
|
||||
x509->subject.fullName.fullName = (char*)XMALLOC(
|
||||
dCert->subjectName.fullNameLen, NULL, DYNAMIC_TYPE_X509);
|
||||
dCert->subjectName.fullNameLen, x509->heap, DYNAMIC_TYPE_X509);
|
||||
if (x509->subject.fullName.fullName != NULL)
|
||||
XMEMCPY(x509->subject.fullName.fullName,
|
||||
dCert->subjectName.fullName, dCert->subjectName.fullNameLen);
|
||||
@@ -5730,7 +5885,7 @@ int CopyDecodedToX509(WOLFSSL_X509* x509, DecodedCert* dCert)
|
||||
|
||||
if (dCert->publicKey != NULL && dCert->pubKeySize != 0) {
|
||||
x509->pubKey.buffer = (byte*)XMALLOC(
|
||||
dCert->pubKeySize, NULL, DYNAMIC_TYPE_PUBLIC_KEY);
|
||||
dCert->pubKeySize, x509->heap, DYNAMIC_TYPE_PUBLIC_KEY);
|
||||
if (x509->pubKey.buffer != NULL) {
|
||||
x509->pubKeyOID = dCert->keyOID;
|
||||
x509->pubKey.length = dCert->pubKeySize;
|
||||
@@ -5742,7 +5897,7 @@ int CopyDecodedToX509(WOLFSSL_X509* x509, DecodedCert* dCert)
|
||||
|
||||
if (dCert->signature != NULL && dCert->sigLength != 0) {
|
||||
x509->sig.buffer = (byte*)XMALLOC(
|
||||
dCert->sigLength, NULL, DYNAMIC_TYPE_SIGNATURE);
|
||||
dCert->sigLength, x509->heap, DYNAMIC_TYPE_SIGNATURE);
|
||||
if (x509->sig.buffer == NULL) {
|
||||
ret = MEMORY_E;
|
||||
}
|
||||
@@ -5754,7 +5909,7 @@ int CopyDecodedToX509(WOLFSSL_X509* x509, DecodedCert* dCert)
|
||||
}
|
||||
|
||||
/* store cert for potential retrieval */
|
||||
if (AllocDer(&x509->derCert, dCert->maxIdx, CERT_TYPE, NULL) == 0) {
|
||||
if (AllocDer(&x509->derCert, dCert->maxIdx, CERT_TYPE, x509->heap) == 0) {
|
||||
XMEMCPY(x509->derCert->buffer, dCert->source, dCert->maxIdx);
|
||||
}
|
||||
else {
|
||||
@@ -5778,7 +5933,7 @@ int CopyDecodedToX509(WOLFSSL_X509* x509, DecodedCert* dCert)
|
||||
x509->authKeyIdSet = dCert->extAuthKeyIdSet;
|
||||
x509->authKeyIdCrit = dCert->extAuthKeyIdCrit;
|
||||
if (dCert->extAuthKeyIdSrc != NULL && dCert->extAuthKeyIdSz != 0) {
|
||||
x509->authKeyId = (byte*)XMALLOC(dCert->extAuthKeyIdSz, NULL,
|
||||
x509->authKeyId = (byte*)XMALLOC(dCert->extAuthKeyIdSz, x509->heap,
|
||||
DYNAMIC_TYPE_X509_EXT);
|
||||
if (x509->authKeyId != NULL) {
|
||||
XMEMCPY(x509->authKeyId,
|
||||
@@ -5791,7 +5946,7 @@ int CopyDecodedToX509(WOLFSSL_X509* x509, DecodedCert* dCert)
|
||||
x509->subjKeyIdSet = dCert->extSubjKeyIdSet;
|
||||
x509->subjKeyIdCrit = dCert->extSubjKeyIdCrit;
|
||||
if (dCert->extSubjKeyIdSrc != NULL && dCert->extSubjKeyIdSz != 0) {
|
||||
x509->subjKeyId = (byte*)XMALLOC(dCert->extSubjKeyIdSz, NULL,
|
||||
x509->subjKeyId = (byte*)XMALLOC(dCert->extSubjKeyIdSz, x509->heap,
|
||||
DYNAMIC_TYPE_X509_EXT);
|
||||
if (x509->subjKeyId != NULL) {
|
||||
XMEMCPY(x509->subjKeyId,
|
||||
@@ -6339,12 +6494,12 @@ static int DoCertificate(WOLFSSL* ssl, byte* input, word32* inOutIdx,
|
||||
WOLFSSL_MSG("PeerEccDsaKey Memory error");
|
||||
return MEMORY_E;
|
||||
}
|
||||
wc_ecc_init(ssl->peerEccDsaKey);
|
||||
wc_ecc_init_h(ssl->peerEccDsaKey, ssl->ctx->heap);
|
||||
} else if (ssl->peerEccDsaKeyPresent) {
|
||||
/* don't leak on reuse */
|
||||
wc_ecc_free(ssl->peerEccDsaKey);
|
||||
ssl->peerEccDsaKeyPresent = 0;
|
||||
wc_ecc_init(ssl->peerEccDsaKey);
|
||||
wc_ecc_init_h(ssl->peerEccDsaKey, ssl->ctx->heap);
|
||||
}
|
||||
if (wc_ecc_import_x963(dCert->publicKey, dCert->pubKeySize,
|
||||
ssl->peerEccDsaKey) != 0) {
|
||||
@@ -10139,15 +10294,15 @@ int SendCertificateStatus(WOLFSSL* ssl)
|
||||
return MEMORY_E;
|
||||
#endif
|
||||
|
||||
InitDecodedCert(cert, der->buffer, der->length, NULL);
|
||||
InitDecodedCert(cert, der->buffer, der->length, ssl->heap);
|
||||
|
||||
if ((ret = ParseCertRelative(cert, CERT_TYPE, VERIFY,
|
||||
ssl->ctx->cm)) != 0) {
|
||||
WOLFSSL_MSG("ParseCert failed");
|
||||
}
|
||||
else {
|
||||
request = (OcspRequest*)XMALLOC(sizeof(OcspRequest), NULL,
|
||||
DYNAMIC_TYPE_OCSP_REQUEST);
|
||||
request = (OcspRequest*)XMALLOC(sizeof(OcspRequest),
|
||||
ssl->heap, DYNAMIC_TYPE_OCSP_REQUEST);
|
||||
if (request == NULL) {
|
||||
FreeDecodedCert(cert);
|
||||
|
||||
@@ -10160,7 +10315,7 @@ int SendCertificateStatus(WOLFSSL* ssl)
|
||||
|
||||
ret = InitOcspRequest(request, cert, 0);
|
||||
if (ret != 0) {
|
||||
XFREE(request, NULL, DYNAMIC_TYPE_OCSP_REQUEST);
|
||||
XFREE(request, ssl->heap, DYNAMIC_TYPE_OCSP_REQUEST);
|
||||
}
|
||||
else if (!ssl->buffers.weOwnCert && 0 == LockMutex(
|
||||
&ssl->ctx->cm->ocsp_stapling->ocspLock)) {
|
||||
@@ -10192,13 +10347,13 @@ int SendCertificateStatus(WOLFSSL* ssl)
|
||||
ret = BuildCertificateStatus(ssl, status_type,
|
||||
&response, 1);
|
||||
|
||||
XFREE(response.buffer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(response.buffer, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
if (request != ssl->ctx->certOcspRequest)
|
||||
XFREE(request, NULL, DYNAMIC_TYPE_OCSP_REQUEST);
|
||||
XFREE(request, ssl->heap, DYNAMIC_TYPE_OCSP_REQUEST);
|
||||
}
|
||||
break;
|
||||
|
||||
@@ -10236,15 +10391,15 @@ int SendCertificateStatus(WOLFSSL* ssl)
|
||||
return MEMORY_E;
|
||||
#endif
|
||||
|
||||
InitDecodedCert(cert, der->buffer, der->length, NULL);
|
||||
InitDecodedCert(cert, der->buffer, der->length, ssl->heap);
|
||||
|
||||
if ((ret = ParseCertRelative(cert, CERT_TYPE, VERIFY,
|
||||
ssl->ctx->cm)) != 0) {
|
||||
WOLFSSL_MSG("ParseCert failed");
|
||||
}
|
||||
else {
|
||||
request = (OcspRequest*)XMALLOC(sizeof(OcspRequest), NULL,
|
||||
DYNAMIC_TYPE_OCSP_REQUEST);
|
||||
request = (OcspRequest*)XMALLOC(sizeof(OcspRequest),
|
||||
ssl->heap, DYNAMIC_TYPE_OCSP_REQUEST);
|
||||
if (request == NULL) {
|
||||
FreeDecodedCert(cert);
|
||||
|
||||
@@ -10257,7 +10412,7 @@ int SendCertificateStatus(WOLFSSL* ssl)
|
||||
|
||||
ret = InitOcspRequest(request, cert, 0);
|
||||
if (ret != 0) {
|
||||
XFREE(request, NULL, DYNAMIC_TYPE_OCSP_REQUEST);
|
||||
XFREE(request, ssl->heap, DYNAMIC_TYPE_OCSP_REQUEST);
|
||||
}
|
||||
else if (!ssl->buffers.weOwnCert && 0 == LockMutex(
|
||||
&ssl->ctx->cm->ocsp_stapling->ocspLock)) {
|
||||
@@ -10287,7 +10442,7 @@ int SendCertificateStatus(WOLFSSL* ssl)
|
||||
}
|
||||
|
||||
if (request != ssl->ctx->certOcspRequest)
|
||||
XFREE(request, NULL, DYNAMIC_TYPE_OCSP_REQUEST);
|
||||
XFREE(request, ssl->heap, DYNAMIC_TYPE_OCSP_REQUEST);
|
||||
|
||||
if (ret == 0 && (!ssl->ctx->chainOcspRequest[0]
|
||||
|| ssl->buffers.weOwnCertChain)) {
|
||||
@@ -10318,7 +10473,7 @@ int SendCertificateStatus(WOLFSSL* ssl)
|
||||
if (idx > ssl->buffers.certChain->length)
|
||||
break;
|
||||
|
||||
InitDecodedCert(cert, der.buffer, der.length, NULL);
|
||||
InitDecodedCert(cert, der.buffer, der.length, ssl->heap);
|
||||
|
||||
if ((ret = ParseCertRelative(cert, CERT_TYPE, VERIFY,
|
||||
ssl->ctx->cm)) != 0) {
|
||||
@@ -10327,7 +10482,7 @@ int SendCertificateStatus(WOLFSSL* ssl)
|
||||
}
|
||||
else {
|
||||
request = (OcspRequest*)XMALLOC(sizeof(OcspRequest),
|
||||
NULL, DYNAMIC_TYPE_OCSP_REQUEST);
|
||||
ssl->heap, DYNAMIC_TYPE_OCSP_REQUEST);
|
||||
if (request == NULL) {
|
||||
ret = MEMORY_E;
|
||||
break;
|
||||
@@ -10335,7 +10490,7 @@ int SendCertificateStatus(WOLFSSL* ssl)
|
||||
|
||||
ret = InitOcspRequest(request, cert, 0);
|
||||
if (ret != 0) {
|
||||
XFREE(request, NULL, DYNAMIC_TYPE_OCSP_REQUEST);
|
||||
XFREE(request, ssl->heap,DYNAMIC_TYPE_OCSP_REQUEST);
|
||||
break;
|
||||
}
|
||||
else if (!ssl->buffers.weOwnCertChain && 0 ==
|
||||
@@ -10358,7 +10513,7 @@ int SendCertificateStatus(WOLFSSL* ssl)
|
||||
ret = 0;
|
||||
|
||||
if (request != ssl->ctx->chainOcspRequest[i])
|
||||
XFREE(request, NULL, DYNAMIC_TYPE_OCSP_REQUEST);
|
||||
XFREE(request, ssl->heap,DYNAMIC_TYPE_OCSP_REQUEST);
|
||||
|
||||
i++;
|
||||
}
|
||||
@@ -10391,7 +10546,7 @@ int SendCertificateStatus(WOLFSSL* ssl)
|
||||
|
||||
for (i = 0; i < 1 + MAX_CHAIN_DEPTH; i++)
|
||||
if (responses[i].buffer)
|
||||
XFREE(responses[i].buffer, NULL,
|
||||
XFREE(responses[i].buffer, ssl->heap,
|
||||
DYNAMIC_TYPE_TMP_BUFFER);
|
||||
}
|
||||
}
|
||||
@@ -13075,11 +13230,11 @@ static void PickHashSigAlgo(WOLFSSL* ssl,
|
||||
WOLFSSL_MSG("PeerEccKey Memory error");
|
||||
return MEMORY_E;
|
||||
}
|
||||
wc_ecc_init(ssl->peerEccKey);
|
||||
wc_ecc_init_h(ssl->peerEccKey, ssl->ctx->heap);
|
||||
} else if (ssl->peerEccKeyPresent) { /* don't leak on reuse */
|
||||
wc_ecc_free(ssl->peerEccKey);
|
||||
ssl->peerEccKeyPresent = 0;
|
||||
wc_ecc_init(ssl->peerEccKey);
|
||||
wc_ecc_init_h(ssl->peerEccKey, ssl->ctx->heap);
|
||||
}
|
||||
|
||||
if (wc_ecc_import_x963(input + *inOutIdx, length,
|
||||
@@ -13256,11 +13411,11 @@ static void PickHashSigAlgo(WOLFSSL* ssl,
|
||||
WOLFSSL_MSG("PeerEccKey Memory error");
|
||||
return MEMORY_E;
|
||||
}
|
||||
wc_ecc_init(ssl->peerEccKey);
|
||||
wc_ecc_init_h(ssl->peerEccKey, ssl->ctx->heap);
|
||||
} else if (ssl->peerEccKeyPresent) { /* don't leak on reuse */
|
||||
wc_ecc_free(ssl->peerEccKey);
|
||||
ssl->peerEccKeyPresent = 0;
|
||||
wc_ecc_init(ssl->peerEccKey);
|
||||
wc_ecc_init_h(ssl->peerEccKey, ssl->ctx->heap);
|
||||
}
|
||||
|
||||
if (wc_ecc_import_x963(input + *inOutIdx, length,
|
||||
@@ -14057,7 +14212,7 @@ static int QSH_GenerateSerCliSecret(WOLFSSL* ssl, byte isServer)
|
||||
buf = ssl->QSH_secret->CliSi;
|
||||
}
|
||||
buf->length = sz;
|
||||
buf->buffer = (byte*)XMALLOC(sz, buf->buffer, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
buf->buffer = (byte*)XMALLOC(sz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (buf->buffer == NULL) {
|
||||
WOLFSSL_ERROR(MEMORY_E);
|
||||
}
|
||||
@@ -14490,7 +14645,7 @@ static word32 QSH_KeyExchangeWrite(WOLFSSL* ssl, byte isServer)
|
||||
return NO_PEER_KEY;
|
||||
}
|
||||
|
||||
wc_ecc_init(&myKey);
|
||||
wc_ecc_init_h(&myKey, ssl->heap);
|
||||
ret = wc_ecc_make_key(ssl->rng, peerKey->dp->size, &myKey);
|
||||
if (ret != 0) {
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
@@ -14639,7 +14794,7 @@ static word32 QSH_KeyExchangeWrite(WOLFSSL* ssl, byte isServer)
|
||||
return NO_PEER_KEY;
|
||||
}
|
||||
|
||||
wc_ecc_init(&myKey);
|
||||
wc_ecc_init_h(&myKey, ssl->heap);
|
||||
ret = wc_ecc_make_key(ssl->rng, peerKey->dp->size, &myKey);
|
||||
if (ret != 0) {
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
@@ -14870,7 +15025,7 @@ static word32 QSH_KeyExchangeWrite(WOLFSSL* ssl, byte isServer)
|
||||
return ret;
|
||||
|
||||
#ifdef HAVE_ECC
|
||||
wc_ecc_init(&eccKey);
|
||||
wc_ecc_init_h(&eccKey, ssl->heap);
|
||||
#endif
|
||||
#ifndef NO_RSA
|
||||
ret = wc_InitRsaKey(&key, ssl->heap);
|
||||
@@ -15602,7 +15757,7 @@ int DoSessionTicket(WOLFSSL* ssl,
|
||||
WOLFSSL_MSG("EccTempKey Memory error");
|
||||
ERROR_OUT(MEMORY_E, exit_sske);
|
||||
}
|
||||
wc_ecc_init(ssl->eccTempKey);
|
||||
wc_ecc_init_h(ssl->eccTempKey, ssl->heap);
|
||||
}
|
||||
ret = EccMakeTempKey(ssl);
|
||||
break;
|
||||
@@ -15763,7 +15918,7 @@ int DoSessionTicket(WOLFSSL* ssl,
|
||||
length = ENUM_LEN + CURVE_LEN + ENUM_LEN;
|
||||
|
||||
exportSz = MAX_EXPORT_ECC_SZ;
|
||||
exportBuf = (byte*)XMALLOC(exportSz, NULL,
|
||||
exportBuf = (byte*)XMALLOC(exportSz, ssl->heap,
|
||||
DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (exportBuf == NULL) {
|
||||
ERROR_OUT(MEMORY_E, exit_sske);
|
||||
@@ -15826,7 +15981,8 @@ int DoSessionTicket(WOLFSSL* ssl,
|
||||
|
||||
/* Export temp ECC key and add to length */
|
||||
exportSz = MAX_EXPORT_ECC_SZ;
|
||||
exportBuf = (byte*)XMALLOC(exportSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
exportBuf = (byte*)XMALLOC(exportSz, ssl->heap,
|
||||
DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (exportBuf == NULL) {
|
||||
ERROR_OUT(MEMORY_E, exit_sske);
|
||||
}
|
||||
@@ -15846,19 +16002,22 @@ int DoSessionTicket(WOLFSSL* ssl,
|
||||
word32 i = 0;
|
||||
int keySz;
|
||||
|
||||
ssl->sigKey = XMALLOC(sizeof(RsaKey), NULL, DYNAMIC_TYPE_RSA);
|
||||
ssl->sigKey = XMALLOC(sizeof(RsaKey), ssl->heap,
|
||||
DYNAMIC_TYPE_RSA);
|
||||
if (ssl->sigKey == NULL) {
|
||||
ERROR_OUT(MEMORY_E, exit_sske);
|
||||
}
|
||||
ssl->sigType = DYNAMIC_TYPE_RSA;
|
||||
|
||||
ret = wc_InitRsaKey((RsaKey*)ssl->sigKey, ssl->heap);
|
||||
ret = wc_InitRsaKey((RsaKey*)ssl->sigKey,
|
||||
ssl->heap);
|
||||
if (ret != 0) {
|
||||
goto exit_sske;
|
||||
}
|
||||
|
||||
ret = wc_RsaPrivateKeyDecode(ssl->buffers.key->buffer, &i,
|
||||
(RsaKey*)ssl->sigKey, ssl->buffers.key->length);
|
||||
ret = wc_RsaPrivateKeyDecode(ssl->buffers.key->buffer,
|
||||
&i, (RsaKey*)ssl->sigKey,
|
||||
ssl->buffers.key->length);
|
||||
if (ret != 0) {
|
||||
goto exit_sske;
|
||||
}
|
||||
@@ -15878,16 +16037,18 @@ int DoSessionTicket(WOLFSSL* ssl,
|
||||
case ecc_dsa_sa_algo:
|
||||
{
|
||||
word32 i = 0;
|
||||
ssl->sigKey = XMALLOC(sizeof(ecc_key), NULL, DYNAMIC_TYPE_ECC);
|
||||
ssl->sigKey = XMALLOC(sizeof(ecc_key),
|
||||
ssl->heap, DYNAMIC_TYPE_ECC);
|
||||
if (ssl->sigKey == NULL) {
|
||||
ERROR_OUT(MEMORY_E, exit_sske);
|
||||
}
|
||||
ssl->sigType = DYNAMIC_TYPE_ECC;
|
||||
|
||||
wc_ecc_init((ecc_key*)ssl->sigKey);
|
||||
wc_ecc_init_h((ecc_key*)ssl->sigKey, ssl->heap);
|
||||
|
||||
ret = wc_EccPrivateKeyDecode(ssl->buffers.key->buffer, &i,
|
||||
(ecc_key*)ssl->sigKey, ssl->buffers.key->length);
|
||||
ret = wc_EccPrivateKeyDecode(ssl->buffers.key->buffer,
|
||||
&i, (ecc_key*)ssl->sigKey,
|
||||
ssl->buffers.key->length);
|
||||
if (ret != 0) {
|
||||
goto exit_sske;
|
||||
}
|
||||
@@ -16005,7 +16166,8 @@ int DoSessionTicket(WOLFSSL* ssl,
|
||||
|
||||
/* Assemble buffer to hash for signature */
|
||||
sigDataSz = RAN_LEN + RAN_LEN + preSigSz;
|
||||
sigDataBuf = (byte*)XMALLOC(sigDataSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
sigDataBuf = (byte*)XMALLOC(sigDataSz, ssl->heap,
|
||||
DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (sigDataBuf == NULL) {
|
||||
ERROR_OUT(MEMORY_E, exit_sske);
|
||||
}
|
||||
@@ -16015,7 +16177,7 @@ int DoSessionTicket(WOLFSSL* ssl,
|
||||
|
||||
ssl->buffers.sig.length = wc_HashGetDigestSize(hashType);
|
||||
ssl->buffers.sig.buffer = (byte*)XMALLOC(ssl->buffers.sig.length,
|
||||
NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (ssl->buffers.sig.buffer == NULL) {
|
||||
ERROR_OUT(MEMORY_E, exit_sske);
|
||||
}
|
||||
@@ -16038,12 +16200,13 @@ int DoSessionTicket(WOLFSSL* ssl,
|
||||
/* For TLS 1.2 re-encode signature */
|
||||
if (IsAtLeastTLSv1_2(ssl)) {
|
||||
int typeH = 0;
|
||||
byte* encodedSig = (byte*)XMALLOC(MAX_ENCODED_SIG_SZ, NULL,
|
||||
DYNAMIC_TYPE_TMP_BUFFER);
|
||||
byte* encodedSig = (byte*)XMALLOC(
|
||||
MAX_ENCODED_SIG_SZ, ssl->heap,
|
||||
DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (encodedSig == NULL) {
|
||||
ERROR_OUT(MEMORY_E, exit_sske);
|
||||
}
|
||||
|
||||
|
||||
switch (ssl->suites->hashAlgo) {
|
||||
case sha512_mac:
|
||||
#ifdef WOLFSSL_SHA512
|
||||
@@ -16073,7 +16236,8 @@ int DoSessionTicket(WOLFSSL* ssl,
|
||||
ssl->buffers.sig.buffer, ssl->buffers.sig.length, typeH);
|
||||
|
||||
/* Replace sig buffer with new one */
|
||||
XFREE(ssl->buffers.sig.buffer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(ssl->buffers.sig.buffer, ssl->heap,
|
||||
DYNAMIC_TYPE_TMP_BUFFER);
|
||||
ssl->buffers.sig.buffer = encodedSig;
|
||||
}
|
||||
|
||||
@@ -16138,13 +16302,14 @@ int DoSessionTicket(WOLFSSL* ssl,
|
||||
word32 i = 0;
|
||||
int keySz;
|
||||
|
||||
ssl->sigKey = XMALLOC(sizeof(RsaKey), NULL, DYNAMIC_TYPE_RSA);
|
||||
ssl->sigKey = XMALLOC(sizeof(RsaKey), ssl->heap,
|
||||
DYNAMIC_TYPE_RSA);
|
||||
if (ssl->sigKey == NULL) {
|
||||
ERROR_OUT(MEMORY_E, exit_sske);
|
||||
}
|
||||
ssl->sigType = DYNAMIC_TYPE_RSA;
|
||||
|
||||
ret = wc_InitRsaKey((RsaKey*)ssl->sigKey, ssl->heap);
|
||||
ret = wc_InitRsaKey((RsaKey*)ssl->sigKey,ssl->heap);
|
||||
if (ret != 0) {
|
||||
goto exit_sske;
|
||||
}
|
||||
@@ -16283,7 +16448,8 @@ int DoSessionTicket(WOLFSSL* ssl,
|
||||
|
||||
/* Assemble buffer to hash for signature */
|
||||
sigDataSz = RAN_LEN + RAN_LEN + preSigSz;
|
||||
sigDataBuf = (byte*)XMALLOC(sigDataSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
sigDataBuf = (byte*)XMALLOC(sigDataSz, ssl->heap,
|
||||
DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (sigDataBuf == NULL) {
|
||||
ERROR_OUT(MEMORY_E, exit_sske);
|
||||
}
|
||||
@@ -16292,8 +16458,9 @@ int DoSessionTicket(WOLFSSL* ssl,
|
||||
XMEMCPY(sigDataBuf+RAN_LEN+RAN_LEN, output + preSigIdx, preSigSz);
|
||||
|
||||
ssl->buffers.sig.length = wc_HashGetDigestSize(hashType);
|
||||
ssl->buffers.sig.buffer = (byte*)XMALLOC(ssl->buffers.sig.length,
|
||||
NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
ssl->buffers.sig.buffer = (byte*)XMALLOC(
|
||||
ssl->buffers.sig.length, ssl->heap,
|
||||
DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (ssl->buffers.sig.buffer == NULL) {
|
||||
ERROR_OUT(MEMORY_E, exit_sske);
|
||||
}
|
||||
@@ -16316,12 +16483,13 @@ int DoSessionTicket(WOLFSSL* ssl,
|
||||
/* For TLS 1.2 re-encode signature */
|
||||
if (IsAtLeastTLSv1_2(ssl)) {
|
||||
int typeH = 0;
|
||||
byte* encodedSig = (byte*)XMALLOC(MAX_ENCODED_SIG_SZ, NULL,
|
||||
DYNAMIC_TYPE_TMP_BUFFER);
|
||||
byte* encodedSig = (byte*)XMALLOC(
|
||||
MAX_ENCODED_SIG_SZ, ssl->heap,
|
||||
DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (encodedSig == NULL) {
|
||||
ERROR_OUT(MEMORY_E, exit_sske);
|
||||
}
|
||||
|
||||
|
||||
switch (ssl->suites->hashAlgo) {
|
||||
case sha512_mac:
|
||||
#ifdef WOLFSSL_SHA512
|
||||
@@ -16351,7 +16519,8 @@ int DoSessionTicket(WOLFSSL* ssl,
|
||||
ssl->buffers.sig.buffer, ssl->buffers.sig.length, typeH);
|
||||
|
||||
/* Replace sig buffer with new one */
|
||||
XFREE(ssl->buffers.sig.buffer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(ssl->buffers.sig.buffer, ssl->heap,
|
||||
DYNAMIC_TYPE_TMP_BUFFER);
|
||||
ssl->buffers.sig.buffer = encodedSig;
|
||||
}
|
||||
|
||||
@@ -16567,13 +16736,13 @@ int DoSessionTicket(WOLFSSL* ssl,
|
||||
/* Handle cleanup for stack variables here */
|
||||
#if defined(HAVE_ECC)
|
||||
if (exportBuf) {
|
||||
XFREE(exportBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(exportBuf, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
exportBuf = NULL;
|
||||
}
|
||||
#endif
|
||||
#if defined(HAVE_ECC) || (!defined(NO_DH) && !defined(NO_RSA))
|
||||
if (sigDataBuf) {
|
||||
XFREE(sigDataBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(sigDataBuf, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
sigDataBuf = NULL;
|
||||
}
|
||||
#endif
|
||||
@@ -17972,7 +18141,8 @@ int DoSessionTicket(WOLFSSL* ssl,
|
||||
word32 i = 0;
|
||||
int keySz;
|
||||
|
||||
ssl->sigKey = XMALLOC(sizeof(RsaKey), NULL, DYNAMIC_TYPE_RSA);
|
||||
ssl->sigKey = XMALLOC(sizeof(RsaKey), ssl->heap,
|
||||
DYNAMIC_TYPE_RSA);
|
||||
if (ssl->sigKey == NULL) {
|
||||
ERROR_OUT(MEMORY_E, exit_dcke);
|
||||
}
|
||||
@@ -18152,11 +18322,11 @@ int DoSessionTicket(WOLFSSL* ssl,
|
||||
WOLFSSL_MSG("PeerEccKey Memory error");
|
||||
ERROR_OUT(MEMORY_E, exit_dcke);
|
||||
}
|
||||
wc_ecc_init(ssl->peerEccKey);
|
||||
wc_ecc_init_h(ssl->peerEccKey, ssl->heap);
|
||||
} else if (ssl->peerEccKeyPresent) { /* don't leak on reuse */
|
||||
wc_ecc_free(ssl->peerEccKey);
|
||||
ssl->peerEccKeyPresent = 0;
|
||||
wc_ecc_init(ssl->peerEccKey);
|
||||
wc_ecc_init_h(ssl->peerEccKey, ssl->heap);
|
||||
}
|
||||
|
||||
if (wc_ecc_import_x963(input + idx, length, ssl->peerEccKey)) {
|
||||
@@ -18171,13 +18341,14 @@ int DoSessionTicket(WOLFSSL* ssl,
|
||||
if (ssl->specs.static_ecdh) {
|
||||
word32 i = 0;
|
||||
|
||||
ssl->sigKey = XMALLOC(sizeof(ecc_key), NULL, DYNAMIC_TYPE_ECC);
|
||||
ssl->sigKey = XMALLOC(sizeof(ecc_key), ssl->heap,
|
||||
DYNAMIC_TYPE_ECC);
|
||||
if (ssl->sigKey == NULL) {
|
||||
ERROR_OUT(MEMORY_E, exit_dcke);
|
||||
}
|
||||
ssl->sigType = DYNAMIC_TYPE_ECC;
|
||||
|
||||
wc_ecc_init((ecc_key*)ssl->sigKey);
|
||||
wc_ecc_init_h((ecc_key*)ssl->sigKey, ssl->heap);
|
||||
|
||||
ret = wc_EccPrivateKeyDecode(
|
||||
ssl->buffers.key->buffer,
|
||||
@@ -18361,11 +18532,11 @@ int DoSessionTicket(WOLFSSL* ssl,
|
||||
WOLFSSL_MSG("PeerEccKey Memory error");
|
||||
ERROR_OUT(MEMORY_E, exit_dcke);
|
||||
}
|
||||
wc_ecc_init(ssl->peerEccKey);
|
||||
wc_ecc_init_h(ssl->peerEccKey, ssl->heap);
|
||||
} else if (ssl->peerEccKeyPresent) { /* don't leak on reuse */
|
||||
wc_ecc_free(ssl->peerEccKey);
|
||||
ssl->peerEccKeyPresent = 0;
|
||||
wc_ecc_init(ssl->peerEccKey);
|
||||
wc_ecc_init_h(ssl->peerEccKey, ssl->heap);
|
||||
}
|
||||
if (wc_ecc_import_x963(input + idx, length,
|
||||
ssl->peerEccKey)) {
|
||||
|
||||
@@ -294,11 +294,11 @@ static wolfSSL_Mutex count_mutex; /* init ref count mutex */
|
||||
This function frees the passed in WOLFSSL_METHOD struct on failure and on
|
||||
success is freed when ctx is freed.
|
||||
*/
|
||||
WOLFSSL_CTX* wolfSSL_CTX_new(WOLFSSL_METHOD* method)
|
||||
WOLFSSL_CTX* wolfSSL_CTX_new_ex(WOLFSSL_METHOD* method, void* heap)
|
||||
{
|
||||
WOLFSSL_CTX* ctx = NULL;
|
||||
|
||||
WOLFSSL_ENTER("WOLFSSL_CTX_new");
|
||||
WOLFSSL_ENTER("WOLFSSL_CTX_new_ex");
|
||||
|
||||
if (initRefCount == 0) {
|
||||
/* user no longer forced to call Init themselves */
|
||||
@@ -307,7 +307,7 @@ WOLFSSL_CTX* wolfSSL_CTX_new(WOLFSSL_METHOD* method)
|
||||
WOLFSSL_MSG("wolfSSL_Init failed");
|
||||
WOLFSSL_LEAVE("WOLFSSL_CTX_new", 0);
|
||||
if (method != NULL) {
|
||||
XFREE(method, NULL, DYNAMIC_TYPE_METHOD);
|
||||
XFREE(method, heap, DYNAMIC_TYPE_METHOD);
|
||||
}
|
||||
return NULL;
|
||||
}
|
||||
@@ -316,9 +316,9 @@ WOLFSSL_CTX* wolfSSL_CTX_new(WOLFSSL_METHOD* method)
|
||||
if (method == NULL)
|
||||
return ctx;
|
||||
|
||||
ctx = (WOLFSSL_CTX*) XMALLOC(sizeof(WOLFSSL_CTX), 0, DYNAMIC_TYPE_CTX);
|
||||
ctx = (WOLFSSL_CTX*) XMALLOC(sizeof(WOLFSSL_CTX), heap, DYNAMIC_TYPE_CTX);
|
||||
if (ctx) {
|
||||
if (InitSSL_Ctx(ctx, method) < 0) {
|
||||
if (InitSSL_Ctx(ctx, method, heap) < 0) {
|
||||
WOLFSSL_MSG("Init CTX failed");
|
||||
wolfSSL_CTX_free(ctx);
|
||||
ctx = NULL;
|
||||
@@ -326,7 +326,7 @@ WOLFSSL_CTX* wolfSSL_CTX_new(WOLFSSL_METHOD* method)
|
||||
}
|
||||
else {
|
||||
WOLFSSL_MSG("Alloc CTX failed, method freed");
|
||||
XFREE(method, NULL, DYNAMIC_TYPE_METHOD);
|
||||
XFREE(method, heap, DYNAMIC_TYPE_METHOD);
|
||||
}
|
||||
|
||||
WOLFSSL_LEAVE("WOLFSSL_CTX_new", 0);
|
||||
@@ -334,6 +334,12 @@ WOLFSSL_CTX* wolfSSL_CTX_new(WOLFSSL_METHOD* method)
|
||||
}
|
||||
|
||||
|
||||
WOLFSSL_CTX* wolfSSL_CTX_new(WOLFSSL_METHOD* method)
|
||||
{
|
||||
return wolfSSL_CTX_new_ex(method, NULL);
|
||||
}
|
||||
|
||||
|
||||
void wolfSSL_CTX_free(WOLFSSL_CTX* ctx)
|
||||
{
|
||||
WOLFSSL_ENTER("SSL_CTX_free");
|
||||
@@ -354,10 +360,10 @@ WOLFSSL* wolfSSL_new(WOLFSSL_CTX* ctx)
|
||||
if (ctx == NULL)
|
||||
return ssl;
|
||||
|
||||
ssl = (WOLFSSL*) XMALLOC(sizeof(WOLFSSL), ctx->heap,DYNAMIC_TYPE_SSL);
|
||||
ssl = (WOLFSSL*) XMALLOC(sizeof(WOLFSSL), ctx->heap, DYNAMIC_TYPE_SSL);
|
||||
if (ssl)
|
||||
if ( (ret = InitSSL(ssl, ctx)) < 0) {
|
||||
FreeSSL(ssl);
|
||||
FreeSSL(ssl, ctx->heap);
|
||||
ssl = 0;
|
||||
}
|
||||
|
||||
@@ -370,7 +376,7 @@ void wolfSSL_free(WOLFSSL* ssl)
|
||||
{
|
||||
WOLFSSL_ENTER("SSL_free");
|
||||
if (ssl)
|
||||
FreeSSL(ssl);
|
||||
FreeSSL(ssl, ssl->ctx->heap);
|
||||
WOLFSSL_LEAVE("SSL_free", 0);
|
||||
}
|
||||
|
||||
@@ -617,6 +623,154 @@ int wolfSSL_GetObjectSize(void)
|
||||
return sizeof(WOLFSSL);
|
||||
}
|
||||
#endif
|
||||
#ifdef WOLFSSL_STATIC_MEMORY
|
||||
|
||||
|
||||
int wolfSSL_init_memory_heap(WOLFSSL_HEAP* heap)
|
||||
{
|
||||
/* default size of chunks of memory to seperate into */
|
||||
word32 wc_defaultMemSz[WOLFMEM_DEF_BUCKETS] =
|
||||
{ 64, 128, 256, 512, 1024, 2400, 3408, 4544, 16000 };
|
||||
word32 wc_defaultDist[WOLFMEM_DEF_BUCKETS] = { 8, 4, 4, 12, 4, 5, 2, 1, 1 };
|
||||
|
||||
if (heap == NULL) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
XMEMSET(heap, 0, sizeof(WOLFSSL_HEAP));
|
||||
|
||||
/* default pool sizes and distribution, else leave a 0's for now */
|
||||
if (WOLFMEM_DEF_BUCKETS == WOLFMEM_MAX_BUCKETS) {
|
||||
XMEMCPY(heap->sizeList, wc_defaultMemSz, sizeof(wc_defaultMemSz));
|
||||
XMEMCPY(heap->distList, wc_defaultDist, sizeof(wc_defaultMemSz));
|
||||
}
|
||||
|
||||
if (InitMutex(&(heap->memory_mutex)) != 0) {
|
||||
WOLFSSL_MSG("Error creating heap memory mutex");
|
||||
}
|
||||
|
||||
return SSL_SUCCESS;
|
||||
}
|
||||
|
||||
int wolfSSL_CTX_load_static_memory(WOLFSSL_CTX** ctx, wolfSSLStaticMethod method,
|
||||
unsigned char* buf, unsigned int sz,
|
||||
int flag, int max)
|
||||
{
|
||||
WOLFSSL_HEAP* heap;
|
||||
WOLFSSL_HEAP_HINT* hint;
|
||||
word32 idx = 0;
|
||||
|
||||
if (ctx == NULL || buf == NULL) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
if (*ctx == NULL && method == NULL) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
if (*ctx == NULL) {
|
||||
heap = (WOLFSSL_HEAP*)buf;
|
||||
idx += sizeof(WOLFSSL_HEAP);
|
||||
if (wolfSSL_init_memory_heap(heap) != SSL_SUCCESS) {
|
||||
return SSL_FAILURE;
|
||||
}
|
||||
hint = (WOLFSSL_HEAP_HINT*)(buf + idx);
|
||||
idx += sizeof(WOLFSSL_HEAP_HINT);
|
||||
XMEMSET(hint, 0, sizeof(WOLFSSL_HEAP_HINT));
|
||||
hint->memory = heap;
|
||||
}
|
||||
else if ((*ctx)->heap == NULL) {
|
||||
heap = (WOLFSSL_HEAP*)buf;
|
||||
idx += sizeof(WOLFSSL_HEAP);
|
||||
if (wolfSSL_init_memory_heap(heap) != SSL_SUCCESS) {
|
||||
return SSL_FAILURE;
|
||||
}
|
||||
hint = (WOLFSSL_HEAP_HINT*)(buf + idx);
|
||||
idx += sizeof(WOLFSSL_HEAP_HINT);
|
||||
XMEMSET(hint, 0, sizeof(WOLFSSL_HEAP_HINT));
|
||||
hint->memory = heap;
|
||||
}
|
||||
else {
|
||||
#ifdef WOLFSSL_HEAP_TEST
|
||||
/* do not load in memory if test has been set */
|
||||
if ((*ctx)->heap == (void*)WOLFSSL_HEAP_TEST) {
|
||||
return SSL_SUCCESS;
|
||||
}
|
||||
#endif
|
||||
hint = (WOLFSSL_HEAP_HINT*)((*ctx)->heap);
|
||||
heap = hint->memory;
|
||||
}
|
||||
|
||||
if (wolfSSL_load_static_memory(buf + idx, sz - idx, flag, heap) != 1) {
|
||||
WOLFSSL_MSG("Error partitioning memory");
|
||||
return SSL_FAILURE;
|
||||
}
|
||||
|
||||
/* create ctx if needed */
|
||||
if (*ctx == NULL) {
|
||||
*ctx = wolfSSL_CTX_new_ex(method(hint), hint);
|
||||
if (*ctx == NULL) {
|
||||
WOLFSSL_MSG("Error creating ctx");
|
||||
return SSL_FAILURE;
|
||||
}
|
||||
}
|
||||
|
||||
/* determine what max applies too */
|
||||
if (flag & WOLFMEM_IO_POOL || flag & WOLFMEM_IO_POOL_FIXED) {
|
||||
heap->maxIO = max;
|
||||
}
|
||||
else { /* general memory used in handshakes */
|
||||
heap->maxHa = max;
|
||||
}
|
||||
|
||||
heap->flag |= flag;
|
||||
|
||||
(void)max;
|
||||
(void)method;
|
||||
|
||||
return SSL_SUCCESS;
|
||||
}
|
||||
|
||||
|
||||
int wolfSSL_is_static_memory(WOLFSSL* ssl, WOLFSSL_MEM_CONN_STATS* mem_stats)
|
||||
{
|
||||
if (ssl == NULL) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
WOLFSSL_ENTER("wolfSSL_is_static_memory");
|
||||
|
||||
/* fill out statistics if wanted and WOLFMEM_TRACK_STATS flag */
|
||||
if (mem_stats != NULL && ssl->heap != NULL) {
|
||||
WOLFSSL_HEAP_HINT* hint = ((WOLFSSL_HEAP_HINT*)(ssl->heap));
|
||||
WOLFSSL_HEAP* heap = hint->memory;
|
||||
if (heap->flag & WOLFMEM_TRACK_STATS && hint->stats != NULL) {
|
||||
XMEMCPY(mem_stats, hint->stats, sizeof(WOLFSSL_MEM_CONN_STATS));
|
||||
}
|
||||
}
|
||||
|
||||
return (ssl->heap)? 1 : 0;
|
||||
}
|
||||
|
||||
|
||||
int wolfSSL_CTX_is_static_memory(WOLFSSL_CTX* ctx, WOLFSSL_MEM_STATS* mem_stats)
|
||||
{
|
||||
if (ctx == NULL) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
WOLFSSL_ENTER("wolfSSL_CTX_is_static_memory");
|
||||
|
||||
/* fill out statistics if wanted */
|
||||
if (mem_stats != NULL && ctx->heap != NULL) {
|
||||
WOLFSSL_HEAP* heap = ((WOLFSSL_HEAP_HINT*)(ctx->heap))->memory;
|
||||
if (wolfSSL_GetMemStats(heap, mem_stats) != 1) {
|
||||
return MEMORY_E;
|
||||
}
|
||||
}
|
||||
|
||||
return (ctx->heap)? 1 : 0;
|
||||
}
|
||||
|
||||
#endif /* WOLFSSL_STATIC_MEMORY */
|
||||
|
||||
#ifdef HAVE_ECC
|
||||
int wolfSSL_CTX_SetMinEccKey_Sz(WOLFSSL_CTX* ctx, short keySz)
|
||||
@@ -693,15 +847,15 @@ int wolfSSL_SetTmpDH(WOLFSSL* ssl, const unsigned char* p, int pSz,
|
||||
XFREE(ssl->buffers.serverDH_G.buffer, ssl->ctx->heap, DYNAMIC_TYPE_DH);
|
||||
|
||||
ssl->buffers.weOwnDH = 1; /* SSL owns now */
|
||||
ssl->buffers.serverDH_P.buffer = (byte*)XMALLOC(pSz, ssl->ctx->heap,
|
||||
ssl->buffers.serverDH_P.buffer = (byte*)XMALLOC(pSz, ssl->heap,
|
||||
DYNAMIC_TYPE_DH);
|
||||
if (ssl->buffers.serverDH_P.buffer == NULL)
|
||||
return MEMORY_E;
|
||||
|
||||
ssl->buffers.serverDH_G.buffer = (byte*)XMALLOC(gSz, ssl->ctx->heap,
|
||||
ssl->buffers.serverDH_G.buffer = (byte*)XMALLOC(gSz, ssl->heap,
|
||||
DYNAMIC_TYPE_DH);
|
||||
if (ssl->buffers.serverDH_G.buffer == NULL) {
|
||||
XFREE(ssl->buffers.serverDH_P.buffer, ssl->ctx->heap, DYNAMIC_TYPE_DH);
|
||||
XFREE(ssl->buffers.serverDH_P.buffer, ssl->heap, DYNAMIC_TYPE_DH);
|
||||
return MEMORY_E;
|
||||
}
|
||||
|
||||
@@ -740,11 +894,11 @@ int wolfSSL_CTX_SetTmpDH(WOLFSSL_CTX* ctx, const unsigned char* p, int pSz,
|
||||
XFREE(ctx->serverDH_P.buffer, ctx->heap, DYNAMIC_TYPE_DH);
|
||||
XFREE(ctx->serverDH_G.buffer, ctx->heap, DYNAMIC_TYPE_DH);
|
||||
|
||||
ctx->serverDH_P.buffer = (byte*)XMALLOC(pSz, ctx->heap,DYNAMIC_TYPE_DH);
|
||||
ctx->serverDH_P.buffer = (byte*)XMALLOC(pSz, ctx->heap, DYNAMIC_TYPE_DH);
|
||||
if (ctx->serverDH_P.buffer == NULL)
|
||||
return MEMORY_E;
|
||||
|
||||
ctx->serverDH_G.buffer = (byte*)XMALLOC(gSz, ctx->heap,DYNAMIC_TYPE_DH);
|
||||
ctx->serverDH_G.buffer = (byte*)XMALLOC(gSz, ctx->heap, DYNAMIC_TYPE_DH);
|
||||
if (ctx->serverDH_G.buffer == NULL) {
|
||||
XFREE(ctx->serverDH_P.buffer, ctx->heap, DYNAMIC_TYPE_DH);
|
||||
return MEMORY_E;
|
||||
@@ -1190,7 +1344,7 @@ int wolfSSL_UseALPN(WOLFSSL* ssl, char *protocol_name_list,
|
||||
}
|
||||
|
||||
|
||||
list = (char *)XMALLOC(protocol_name_listSz+1, NULL,
|
||||
list = (char *)XMALLOC(protocol_name_listSz+1, ssl->heap,
|
||||
DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (list == NULL) {
|
||||
WOLFSSL_MSG("Memory failure");
|
||||
@@ -1239,7 +1393,7 @@ int wolfSSL_ALPN_GetPeerProtocol(WOLFSSL* ssl, char **list, word16 *listSz)
|
||||
if (*listSz == 0)
|
||||
return BUFFER_ERROR;
|
||||
|
||||
*list = (char *)XMALLOC((*listSz)+1, NULL, DYNAMIC_TYPE_TLSX);
|
||||
*list = (char *)XMALLOC((*listSz)+1, ssl->heap, DYNAMIC_TYPE_TLSX);
|
||||
if (*list == NULL)
|
||||
return MEMORY_ERROR;
|
||||
|
||||
@@ -1916,13 +2070,14 @@ void FreeDer(DerBuffer** pDer)
|
||||
}
|
||||
}
|
||||
|
||||
WOLFSSL_CERT_MANAGER* wolfSSL_CertManagerNew(void)
|
||||
|
||||
WOLFSSL_CERT_MANAGER* wolfSSL_CertManagerNew_ex(void* heap)
|
||||
{
|
||||
WOLFSSL_CERT_MANAGER* cm = NULL;
|
||||
|
||||
WOLFSSL_ENTER("wolfSSL_CertManagerNew");
|
||||
|
||||
cm = (WOLFSSL_CERT_MANAGER*) XMALLOC(sizeof(WOLFSSL_CERT_MANAGER), 0,
|
||||
cm = (WOLFSSL_CERT_MANAGER*) XMALLOC(sizeof(WOLFSSL_CERT_MANAGER), heap,
|
||||
DYNAMIC_TYPE_CERT_MANAGER);
|
||||
if (cm) {
|
||||
XMEMSET(cm, 0, sizeof(WOLFSSL_CERT_MANAGER));
|
||||
@@ -1948,12 +2103,25 @@ WOLFSSL_CERT_MANAGER* wolfSSL_CertManagerNew(void)
|
||||
#ifdef HAVE_ECC
|
||||
cm->minEccKeySz = MIN_ECCKEY_SZ;
|
||||
#endif
|
||||
#ifdef WOLFSSL_HEAP_TEST
|
||||
if (heap == NULL) {
|
||||
cm->heap = (void*)WOLFSSL_HEAP_TEST;
|
||||
}
|
||||
else
|
||||
#endif
|
||||
cm->heap = heap;
|
||||
}
|
||||
|
||||
return cm;
|
||||
}
|
||||
|
||||
|
||||
WOLFSSL_CERT_MANAGER* wolfSSL_CertManagerNew(void)
|
||||
{
|
||||
return wolfSSL_CertManagerNew_ex(NULL);
|
||||
}
|
||||
|
||||
|
||||
void wolfSSL_CertManagerFree(WOLFSSL_CERT_MANAGER* cm)
|
||||
{
|
||||
WOLFSSL_ENTER("wolfSSL_CertManagerFree");
|
||||
@@ -1972,15 +2140,15 @@ void wolfSSL_CertManagerFree(WOLFSSL_CERT_MANAGER* cm)
|
||||
FreeOCSP(cm->ocsp_stapling, 1);
|
||||
#endif
|
||||
#endif
|
||||
FreeSignerTable(cm->caTable, CA_TABLE_SIZE, NULL);
|
||||
FreeSignerTable(cm->caTable, CA_TABLE_SIZE, cm->heap);
|
||||
FreeMutex(&cm->caLock);
|
||||
|
||||
#ifdef WOLFSSL_TRUST_PEER_CERT
|
||||
FreeTrustedPeerTable(cm->tpTable, TP_TABLE_SIZE, NULL);
|
||||
FreeTrustedPeerTable(cm->tpTable, TP_TABLE_SIZE, cm->heap);
|
||||
FreeMutex(&cm->tpLock);
|
||||
#endif
|
||||
|
||||
XFREE(cm, NULL, DYNAMIC_TYPE_CERT_MANAGER);
|
||||
XFREE(cm, cm->heap, DYNAMIC_TYPE_CERT_MANAGER);
|
||||
}
|
||||
|
||||
}
|
||||
@@ -2631,7 +2799,7 @@ int AddTrustedPeer(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int verify)
|
||||
|
||||
WOLFSSL_MSG("Adding a Trusted Peer Cert");
|
||||
|
||||
cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL,
|
||||
cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), cm->heap,
|
||||
DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (cert == NULL)
|
||||
return MEMORY_E;
|
||||
@@ -2643,11 +2811,11 @@ int AddTrustedPeer(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int verify)
|
||||
}
|
||||
WOLFSSL_MSG(" Parsed new trusted peer cert");
|
||||
|
||||
peerCert = (TrustedPeerCert*)XMALLOC(sizeof(TrustedPeerCert), NULL,
|
||||
peerCert = (TrustedPeerCert*)XMALLOC(sizeof(TrustedPeerCert), cm->heap,
|
||||
DYNAMIC_TYPE_CERT);
|
||||
if (peerCert == NULL) {
|
||||
FreeDecodedCert(cert);
|
||||
XFREE(cert, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(cert, cm->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return MEMORY_E;
|
||||
}
|
||||
XMEMSET(peerCert, 0, sizeof(TrustedPeerCert));
|
||||
@@ -2681,7 +2849,7 @@ int AddTrustedPeer(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int verify)
|
||||
DYNAMIC_TYPE_SIGNATURE);
|
||||
if (peerCert->sig == NULL) {
|
||||
FreeDecodedCert(cert);
|
||||
XFREE(cert, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(cert, cm->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
FreeTrustedPeer(peerCert, cm->heap);
|
||||
return MEMORY_E;
|
||||
}
|
||||
@@ -2728,7 +2896,7 @@ int AddTrustedPeer(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int verify)
|
||||
else {
|
||||
WOLFSSL_MSG(" Trusted Peer Cert Mutex Lock failed");
|
||||
FreeDecodedCert(cert);
|
||||
XFREE(cert, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(cert, cm->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
FreeTrustedPeer(peerCert, cm->heap);
|
||||
return BAD_MUTEX_E;
|
||||
}
|
||||
@@ -2736,7 +2904,7 @@ int AddTrustedPeer(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int verify)
|
||||
|
||||
WOLFSSL_MSG(" Freeing parsed trusted peer cert");
|
||||
FreeDecodedCert(cert);
|
||||
XFREE(cert, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(cert, cm->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
WOLFSSL_MSG(" Freeing der trusted peer cert");
|
||||
FreeDer(&der);
|
||||
WOLFSSL_MSG(" OK Freeing der trusted peer cert");
|
||||
@@ -3391,7 +3559,7 @@ static int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
|
||||
int ret;
|
||||
int eccKey = 0;
|
||||
int rsaKey = 0;
|
||||
void* heap = ctx ? ctx->heap : NULL;
|
||||
void* heap = ctx ? ctx->heap : ((ssl) ? ssl->heap : NULL);
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
EncryptedInfo* info = NULL;
|
||||
#else
|
||||
@@ -4415,7 +4583,7 @@ int ProcessFile(WOLFSSL_CTX* ctx, const char* fname, int format, int type,
|
||||
int ret;
|
||||
long sz = 0;
|
||||
XFILE file;
|
||||
void* heapHint = ctx ? ctx->heap : NULL;
|
||||
void* heapHint = ctx ? ctx->heap : ((ssl) ? ssl->heap : NULL);
|
||||
|
||||
(void)crl;
|
||||
(void)heapHint;
|
||||
@@ -6453,6 +6621,47 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_STATIC_MEMORY
|
||||
#if defined(WOLFSSL_ALLOW_SSLV3) && !defined(NO_OLD_TLS)
|
||||
WOLFSSL_METHOD* wolfSSLv3_client_static(void* heap)
|
||||
{
|
||||
WOLFSSL_METHOD* method =
|
||||
(WOLFSSL_METHOD*) XMALLOC(sizeof(WOLFSSL_METHOD),
|
||||
heap, DYNAMIC_TYPE_METHOD);
|
||||
WOLFSSL_ENTER("SSLv3_client_static");
|
||||
if (method)
|
||||
InitSSL_Method(method, MakeSSLv3());
|
||||
return method;
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_DTLS
|
||||
|
||||
#ifndef NO_OLD_TLS
|
||||
WOLFSSL_METHOD* wolfDTLSv1_client_static(void* heap)
|
||||
{
|
||||
WOLFSSL_METHOD* method =
|
||||
(WOLFSSL_METHOD*) XMALLOC(sizeof(WOLFSSL_METHOD),
|
||||
heap, DYNAMIC_TYPE_METHOD);
|
||||
WOLFSSL_ENTER("DTLSv1_client_static");
|
||||
if (method)
|
||||
InitSSL_Method(method, MakeDTLSv1());
|
||||
return method;
|
||||
}
|
||||
#endif /* NO_OLD_TLS */
|
||||
|
||||
WOLFSSL_METHOD* wolfDTLSv1_2_client_static(void* heap)
|
||||
{
|
||||
WOLFSSL_METHOD* method =
|
||||
(WOLFSSL_METHOD*) XMALLOC(sizeof(WOLFSSL_METHOD),
|
||||
heap, DYNAMIC_TYPE_METHOD);
|
||||
WOLFSSL_ENTER("DTLSv1_2_client_static");
|
||||
if (method)
|
||||
InitSSL_Method(method, MakeDTLSv1_2());
|
||||
return method;
|
||||
}
|
||||
#endif
|
||||
#endif /* WOLFSSL_STATIC_MEMORY */
|
||||
|
||||
/* please see note at top of README if you get an error from connect */
|
||||
int wolfSSL_connect(WOLFSSL* ssl)
|
||||
@@ -6767,6 +6976,54 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_STATIC_MEMORY
|
||||
#if defined(WOLFSSL_ALLOW_SSLV3) && !defined(NO_OLD_TLS)
|
||||
WOLFSSL_METHOD* wolfSSLv3_server_static(void* heap)
|
||||
{
|
||||
WOLFSSL_METHOD* method =
|
||||
(WOLFSSL_METHOD*) XMALLOC(sizeof(WOLFSSL_METHOD),
|
||||
heap, DYNAMIC_TYPE_METHOD);
|
||||
WOLFSSL_ENTER("SSLv3_server_static");
|
||||
if (method) {
|
||||
InitSSL_Method(method, MakeSSLv3());
|
||||
method->side = WOLFSSL_SERVER_END;
|
||||
}
|
||||
return method;
|
||||
}
|
||||
#endif
|
||||
|
||||
|
||||
#ifdef WOLFSSL_DTLS
|
||||
|
||||
#ifndef NO_OLD_TLS
|
||||
WOLFSSL_METHOD* wolfDTLSv1_server_static(void* heap)
|
||||
{
|
||||
WOLFSSL_METHOD* method =
|
||||
(WOLFSSL_METHOD*) XMALLOC(sizeof(WOLFSSL_METHOD),
|
||||
heap, DYNAMIC_TYPE_METHOD);
|
||||
WOLFSSL_ENTER("DTLSv1_server_static");
|
||||
if (method) {
|
||||
InitSSL_Method(method, MakeDTLSv1());
|
||||
method->side = WOLFSSL_SERVER_END;
|
||||
}
|
||||
return method;
|
||||
}
|
||||
#endif /* NO_OLD_TLS */
|
||||
|
||||
WOLFSSL_METHOD* wolfDTLSv1_2_server_static(void* heap)
|
||||
{
|
||||
WOLFSSL_METHOD* method =
|
||||
(WOLFSSL_METHOD*) XMALLOC(sizeof(WOLFSSL_METHOD),
|
||||
heap, DYNAMIC_TYPE_METHOD);
|
||||
WOLFSSL_ENTER("DTLSv1_2_server_static");
|
||||
if (method) {
|
||||
InitSSL_Method(method, MakeDTLSv1_2());
|
||||
method->side = WOLFSSL_SERVER_END;
|
||||
}
|
||||
return method;
|
||||
}
|
||||
#endif
|
||||
#endif /* WOLFSSL_STATIC_MEMORY */
|
||||
|
||||
int wolfSSL_accept(WOLFSSL* ssl)
|
||||
{
|
||||
@@ -10314,7 +10571,7 @@ static void ExternalFreeX509(WOLFSSL_X509* x509)
|
||||
if (x509) {
|
||||
if (x509->dynamicMemory) {
|
||||
FreeX509(x509);
|
||||
XFREE(x509, NULL, DYNAMIC_TYPE_X509);
|
||||
XFREE(x509, x509->heap, DYNAMIC_TYPE_X509);
|
||||
} else {
|
||||
WOLFSSL_MSG("free called on non dynamic object, not freeing");
|
||||
}
|
||||
@@ -10684,7 +10941,7 @@ static void ExternalFreeX509(WOLFSSL_X509* x509)
|
||||
if (!name->sz) return in;
|
||||
|
||||
if (!in) {
|
||||
in = (char*)XMALLOC(name->sz, 0, DYNAMIC_TYPE_OPENSSL);
|
||||
in = (char*)XMALLOC(name->sz, NULL, DYNAMIC_TYPE_OPENSSL);
|
||||
if (!in ) return in;
|
||||
copySz = name->sz;
|
||||
}
|
||||
@@ -10892,7 +11149,7 @@ WOLFSSL_X509* wolfSSL_X509_d2i(WOLFSSL_X509** x509, const byte* in, int len)
|
||||
newX509 = (WOLFSSL_X509*)XMALLOC(sizeof(WOLFSSL_X509), NULL,
|
||||
DYNAMIC_TYPE_X509);
|
||||
if (newX509 != NULL) {
|
||||
InitX509(newX509, 1);
|
||||
InitX509(newX509, 1, NULL);
|
||||
if (CopyDecodedToX509(newX509, cert) != 0) {
|
||||
XFREE(newX509, NULL, DYNAMIC_TYPE_X509);
|
||||
newX509 = NULL;
|
||||
@@ -11068,7 +11325,7 @@ WOLFSSL_X509* wolfSSL_X509_load_certificate_file(const char* fname, int format)
|
||||
x509 = (WOLFSSL_X509*)XMALLOC(sizeof(WOLFSSL_X509), NULL,
|
||||
DYNAMIC_TYPE_X509);
|
||||
if (x509 != NULL) {
|
||||
InitX509(x509, 1);
|
||||
InitX509(x509, 1, NULL);
|
||||
if (CopyDecodedToX509(x509, cert) != 0) {
|
||||
XFREE(x509, NULL, DYNAMIC_TYPE_X509);
|
||||
x509 = NULL;
|
||||
|
||||
@@ -4611,6 +4611,29 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte isRequest,
|
||||
return method;
|
||||
}
|
||||
|
||||
#ifdef WOLFSSL_STATIC_MEMORY
|
||||
WOLFSSL_METHOD* wolfTLSv1_client_static(void* heap)
|
||||
{
|
||||
WOLFSSL_METHOD* method =
|
||||
(WOLFSSL_METHOD*) XMALLOC(sizeof(WOLFSSL_METHOD),
|
||||
heap, DYNAMIC_TYPE_METHOD);
|
||||
if (method)
|
||||
InitSSL_Method(method, MakeTLSv1());
|
||||
return method;
|
||||
}
|
||||
|
||||
|
||||
WOLFSSL_METHOD* wolfTLSv1_1_client_static(void* heap)
|
||||
{
|
||||
WOLFSSL_METHOD* method =
|
||||
(WOLFSSL_METHOD*) XMALLOC(sizeof(WOLFSSL_METHOD),
|
||||
heap, DYNAMIC_TYPE_METHOD);
|
||||
if (method)
|
||||
InitSSL_Method(method, MakeTLSv1_1());
|
||||
return method;
|
||||
}
|
||||
#endif /* WOLFSSL_STATIC_MEMORY */
|
||||
|
||||
#endif /* !NO_OLD_TLS */
|
||||
|
||||
#ifndef NO_SHA256 /* can't use without SHA256 */
|
||||
@@ -4625,6 +4648,17 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte isRequest,
|
||||
return method;
|
||||
}
|
||||
|
||||
#ifdef WOLFSSL_STATIC_MEMORY
|
||||
WOLFSSL_METHOD* wolfTLSv1_2_client_static(void* heap)
|
||||
{
|
||||
WOLFSSL_METHOD* method =
|
||||
(WOLFSSL_METHOD*) XMALLOC(sizeof(WOLFSSL_METHOD),
|
||||
heap, DYNAMIC_TYPE_METHOD);
|
||||
if (method)
|
||||
InitSSL_Method(method, MakeTLSv1_2());
|
||||
return method;
|
||||
}
|
||||
#endif /* WOLFSSL_STATIC_MEMORY */
|
||||
#endif
|
||||
|
||||
|
||||
@@ -4647,6 +4681,26 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte isRequest,
|
||||
}
|
||||
|
||||
|
||||
#ifdef WOLFSSL_STATIC_MEMORY
|
||||
WOLFSSL_METHOD* wolfSSLv23_client_static(void* heap)
|
||||
{
|
||||
WOLFSSL_METHOD* method =
|
||||
(WOLFSSL_METHOD*) XMALLOC(sizeof(WOLFSSL_METHOD),
|
||||
heap, DYNAMIC_TYPE_METHOD);
|
||||
if (method) {
|
||||
#ifndef NO_SHA256 /* 1.2 requires SHA256 */
|
||||
InitSSL_Method(method, MakeTLSv1_2());
|
||||
#else
|
||||
InitSSL_Method(method, MakeTLSv1_1());
|
||||
#endif
|
||||
#ifndef NO_OLD_TLS
|
||||
method->downgrade = 1;
|
||||
#endif
|
||||
}
|
||||
return method;
|
||||
}
|
||||
#endif /* WOLFSSL_STATIC_MEMORY */
|
||||
|
||||
#endif /* NO_WOLFSSL_CLIENT */
|
||||
|
||||
|
||||
@@ -4680,6 +4734,32 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte isRequest,
|
||||
return method;
|
||||
}
|
||||
|
||||
#ifdef WOLFSSL_STATIC_MEMORY
|
||||
WOLFSSL_METHOD* wolfTLSv1_server_static(void* heap)
|
||||
{
|
||||
WOLFSSL_METHOD* method =
|
||||
(WOLFSSL_METHOD*) XMALLOC(sizeof(WOLFSSL_METHOD),
|
||||
heap, DYNAMIC_TYPE_METHOD);
|
||||
if (method) {
|
||||
InitSSL_Method(method, MakeTLSv1());
|
||||
method->side = WOLFSSL_SERVER_END;
|
||||
}
|
||||
return method;
|
||||
}
|
||||
|
||||
|
||||
WOLFSSL_METHOD* wolfTLSv1_1_server_static(void* heap)
|
||||
{
|
||||
WOLFSSL_METHOD* method =
|
||||
(WOLFSSL_METHOD*) XMALLOC(sizeof(WOLFSSL_METHOD),
|
||||
heap, DYNAMIC_TYPE_METHOD);
|
||||
if (method) {
|
||||
InitSSL_Method(method, MakeTLSv1_1());
|
||||
method->side = WOLFSSL_SERVER_END;
|
||||
}
|
||||
return method;
|
||||
}
|
||||
#endif /* WOLFSSL_STATIC_MEMORY */
|
||||
#endif /* !NO_OLD_TLS */
|
||||
|
||||
#ifndef NO_SHA256 /* can't use without SHA256 */
|
||||
@@ -4696,6 +4776,20 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte isRequest,
|
||||
return method;
|
||||
}
|
||||
|
||||
#ifdef WOLFSSL_STATIC_MEMORY
|
||||
WOLFSSL_METHOD* wolfTLSv1_2_server_static(void* heap)
|
||||
{
|
||||
WOLFSSL_METHOD* method =
|
||||
(WOLFSSL_METHOD*) XMALLOC(sizeof(WOLFSSL_METHOD),
|
||||
heap, DYNAMIC_TYPE_METHOD);
|
||||
if (method) {
|
||||
InitSSL_Method(method, MakeTLSv1_2());
|
||||
method->side = WOLFSSL_SERVER_END;
|
||||
}
|
||||
return method;
|
||||
}
|
||||
#endif /* WOLFSSL_STATIC_MEMORY */
|
||||
|
||||
#endif
|
||||
|
||||
|
||||
@@ -4718,6 +4812,26 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte isRequest,
|
||||
return method;
|
||||
}
|
||||
|
||||
#ifdef WOLFSSL_STATIC_MEMORY
|
||||
WOLFSSL_METHOD* wolfSSLv23_server_static(void* heap)
|
||||
{
|
||||
WOLFSSL_METHOD* method =
|
||||
(WOLFSSL_METHOD*) XMALLOC(sizeof(WOLFSSL_METHOD),
|
||||
heap, DYNAMIC_TYPE_METHOD);
|
||||
if (method) {
|
||||
#ifndef NO_SHA256 /* 1.2 requires SHA256 */
|
||||
InitSSL_Method(method, MakeTLSv1_2());
|
||||
#else
|
||||
InitSSL_Method(method, MakeTLSv1_1());
|
||||
#endif
|
||||
method->side = WOLFSSL_SERVER_END;
|
||||
#ifndef NO_OLD_TLS
|
||||
method->downgrade = 1;
|
||||
#endif /* !NO_OLD_TLS */
|
||||
}
|
||||
return method;
|
||||
}
|
||||
#endif /* WOLFSSL_STATIC_MEMORY */
|
||||
|
||||
|
||||
#endif /* NO_WOLFSSL_SERVER */
|
||||
|
||||
@@ -29,6 +29,9 @@
|
||||
#endif
|
||||
|
||||
#include <wolfssl/wolfcrypt/settings.h>
|
||||
#if defined(WOLFSSL_STATIC_MEMORY)
|
||||
#include <wolfssl/wolfcrypt/memory.h>
|
||||
#endif /* WOLFSSL_STATIC_MEMORY */
|
||||
#ifdef HAVE_ECC
|
||||
#include <wolfssl/wolfcrypt/ecc.h> /* wc_ecc_fp_free */
|
||||
#endif
|
||||
|
||||
@@ -469,6 +469,10 @@ int SuiteTest(void)
|
||||
args.argv = myArgv;
|
||||
strcpy(argv0[0], "SuiteTest");
|
||||
|
||||
#ifdef WOLFSSL_STATIC_MEMORY
|
||||
byte memory[200000];
|
||||
#endif
|
||||
|
||||
(void)test_harness;
|
||||
|
||||
cipherSuiteCtx = wolfSSL_CTX_new(wolfTLSv1_2_client_method());
|
||||
@@ -477,6 +481,16 @@ int SuiteTest(void)
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
|
||||
/* load in static memory buffer if enabled */
|
||||
#ifdef WOLFSSL_STATIC_MEMORY
|
||||
if (wolfSSL_CTX_load_static_memory(&cipherSuiteCtx, NULL,
|
||||
memory, sizeof(memory), 0, 1)
|
||||
!= SSL_SUCCESS) {
|
||||
printf("unable to load static memory and create ctx");
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
#endif
|
||||
|
||||
/* default case */
|
||||
args.argc = 1;
|
||||
printf("starting default cipher suite tests\n");
|
||||
|
||||
+16
-4
@@ -1231,7 +1231,7 @@ static void wc_AesEncrypt(Aes* aes, const byte* inBlock, byte* outBlock)
|
||||
/* check alignment, decrypt doesn't need alignment */
|
||||
if ((wolfssl_word)inBlock % 16) {
|
||||
#ifndef NO_WOLFSSL_ALLOC_ALIGN
|
||||
byte* tmp = (byte*)XMALLOC(AES_BLOCK_SIZE, NULL,
|
||||
byte* tmp = (byte*)XMALLOC(AES_BLOCK_SIZE, aes->heap,
|
||||
DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (tmp == NULL) return;
|
||||
|
||||
@@ -1239,7 +1239,7 @@ static void wc_AesEncrypt(Aes* aes, const byte* inBlock, byte* outBlock)
|
||||
AES_ECB_encrypt(tmp, tmp, AES_BLOCK_SIZE, (byte*)aes->key,
|
||||
aes->rounds);
|
||||
XMEMCPY(outBlock, tmp, AES_BLOCK_SIZE);
|
||||
XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(tmp, aes->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return;
|
||||
#else
|
||||
WOLFSSL_MSG("AES-ECB encrypt with bad alignment");
|
||||
@@ -1924,6 +1924,18 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
|
||||
}
|
||||
|
||||
|
||||
/* set the heap hint for aes struct */
|
||||
int wc_InitAes_h(Aes* aes, void* h)
|
||||
{
|
||||
if (aes == NULL)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
aes->heap = h;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
/* AES-DIRECT */
|
||||
@@ -2498,7 +2510,7 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
|
||||
/* check alignment, decrypt doesn't need alignment */
|
||||
if ((wolfssl_word)in % 16) {
|
||||
#ifndef NO_WOLFSSL_ALLOC_ALIGN
|
||||
byte* tmp = (byte*)XMALLOC(sz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
byte* tmp = (byte*)XMALLOC(sz, aes->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
WOLFSSL_MSG("AES-CBC encrypt with bad alignment");
|
||||
if (tmp == NULL) return MEMORY_E;
|
||||
|
||||
@@ -2509,7 +2521,7 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
|
||||
XMEMCPY(aes->reg, tmp + sz - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
|
||||
|
||||
XMEMCPY(out, tmp, sz);
|
||||
XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(tmp, aes->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return 0;
|
||||
#else
|
||||
return BAD_ALIGN_E;
|
||||
|
||||
+81
-71
@@ -1949,12 +1949,12 @@ static mp_int* GetDsaInt(DsaKey* key, int idx)
|
||||
}
|
||||
|
||||
/* Release Tmp DSA resources */
|
||||
static INLINE void FreeTmpDsas(byte** tmps)
|
||||
static INLINE void FreeTmpDsas(byte** tmps, void* heap)
|
||||
{
|
||||
int i;
|
||||
|
||||
for (i = 0; i < DSA_INTS; i++)
|
||||
XFREE(tmps[i], NULL, DYNAMIC_TYPE_DSA);
|
||||
XFREE(tmps[i], heap, DYNAMIC_TYPE_DSA);
|
||||
}
|
||||
|
||||
/* Convert DsaKey key to DER format, write to output (inLen), return bytes
|
||||
@@ -1986,7 +1986,8 @@ int wc_DsaKeyToDer(DsaKey* key, byte* output, word32 inLen)
|
||||
lbit = mp_leading_bit(keyInt);
|
||||
rawLen = mp_unsigned_bin_size(keyInt) + lbit;
|
||||
|
||||
tmps[i] = (byte*)XMALLOC(rawLen + MAX_SEQ_SZ, NULL, DYNAMIC_TYPE_DSA);
|
||||
tmps[i] = (byte*)XMALLOC(rawLen + MAX_SEQ_SZ, key->heap,
|
||||
DYNAMIC_TYPE_DSA);
|
||||
if (tmps[i] == NULL) {
|
||||
ret = MEMORY_E;
|
||||
break;
|
||||
@@ -2019,7 +2020,7 @@ int wc_DsaKeyToDer(DsaKey* key, byte* output, word32 inLen)
|
||||
}
|
||||
|
||||
if (ret != 0) {
|
||||
FreeTmpDsas(tmps);
|
||||
FreeTmpDsas(tmps, key->heap);
|
||||
return ret;
|
||||
}
|
||||
|
||||
@@ -2041,7 +2042,7 @@ int wc_DsaKeyToDer(DsaKey* key, byte* output, word32 inLen)
|
||||
XMEMCPY(output + j, tmps[i], sizes[i]);
|
||||
j += sizes[i];
|
||||
}
|
||||
FreeTmpDsas(tmps);
|
||||
FreeTmpDsas(tmps, key->heap);
|
||||
|
||||
return outLen;
|
||||
}
|
||||
@@ -2220,9 +2221,9 @@ void FreeDecodedCert(DecodedCert* cert)
|
||||
#endif /* WOLFSSL_SEP */
|
||||
#ifdef OPENSSL_EXTRA
|
||||
if (cert->issuerName.fullName != NULL)
|
||||
XFREE(cert->issuerName.fullName, NULL, DYNAMIC_TYPE_X509);
|
||||
XFREE(cert->issuerName.fullName, cert->heap, DYNAMIC_TYPE_X509);
|
||||
if (cert->subjectName.fullName != NULL)
|
||||
XFREE(cert->subjectName.fullName, NULL, DYNAMIC_TYPE_X509);
|
||||
XFREE(cert->subjectName.fullName, cert->heap, DYNAMIC_TYPE_X509);
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
}
|
||||
|
||||
@@ -2858,7 +2859,8 @@ static int GetName(DecodedCert* cert, int nameType)
|
||||
if (dName->serialLen != 0)
|
||||
totalLen += dName->serialLen + 14;
|
||||
|
||||
dName->fullName = (char*)XMALLOC(totalLen + 1, NULL, DYNAMIC_TYPE_X509);
|
||||
dName->fullName = (char*)XMALLOC(totalLen + 1, cert->heap,
|
||||
DYNAMIC_TYPE_X509);
|
||||
if (dName->fullName != NULL) {
|
||||
idx = 0;
|
||||
|
||||
@@ -6447,7 +6449,8 @@ static int SetSKID(byte* output, word32 outSz, byte *input, word32 length)
|
||||
|
||||
/* encode Authority Key Identifier, return total bytes written
|
||||
* RFC5280 : non-critical */
|
||||
static int SetAKID(byte* output, word32 outSz, byte *input, word32 length)
|
||||
static int SetAKID(byte* output, word32 outSz,
|
||||
byte *input, word32 length, void* heap)
|
||||
{
|
||||
byte *enc_val;
|
||||
int ret, enc_valSz;
|
||||
@@ -6457,7 +6460,7 @@ static int SetAKID(byte* output, word32 outSz, byte *input, word32 length)
|
||||
if (output == NULL || input == NULL)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
enc_val = (byte *)XMALLOC(length+3+sizeof(akid_cs), NULL,
|
||||
enc_val = (byte *)XMALLOC(length+3+sizeof(akid_cs), heap,
|
||||
DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (enc_val == NULL)
|
||||
return MEMORY_E;
|
||||
@@ -6466,14 +6469,14 @@ static int SetAKID(byte* output, word32 outSz, byte *input, word32 length)
|
||||
enc_valSz = SetOidValue(enc_val, length+3+sizeof(akid_cs),
|
||||
akid_cs, sizeof(akid_cs), input, length);
|
||||
if (enc_valSz == 0) {
|
||||
XFREE(enc_val, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(enc_val, heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return 0;
|
||||
}
|
||||
|
||||
ret = SetOidValue(output, outSz, akid_oid,
|
||||
sizeof(akid_oid), enc_val, enc_valSz);
|
||||
|
||||
XFREE(enc_val, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(enc_val, heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return ret;
|
||||
}
|
||||
|
||||
@@ -6521,7 +6524,7 @@ static int SetKeyUsage(byte* output, word32 outSz, word16 input)
|
||||
}
|
||||
|
||||
/* Encode OID string representation to ITU-T X.690 format */
|
||||
static int EncodePolicyOID(byte *out, word32 *outSz, const char *in)
|
||||
static int EncodePolicyOID(byte *out, word32 *outSz, const char *in, void* heap)
|
||||
{
|
||||
word32 val, idx = 0, nb_val;
|
||||
char *token, *str, *ptr;
|
||||
@@ -6532,7 +6535,7 @@ static int EncodePolicyOID(byte *out, word32 *outSz, const char *in)
|
||||
|
||||
len = (word32)XSTRLEN(in);
|
||||
|
||||
str = (char *)XMALLOC(len+1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
str = (char *)XMALLOC(len+1, heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (str == NULL)
|
||||
return MEMORY_E;
|
||||
|
||||
@@ -6549,7 +6552,7 @@ static int EncodePolicyOID(byte *out, word32 *outSz, const char *in)
|
||||
|
||||
if (nb_val == 0) {
|
||||
if (val > 2) {
|
||||
XFREE(str, NUL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(str, heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return ASN_OBJECT_ID_E;
|
||||
}
|
||||
|
||||
@@ -6557,12 +6560,12 @@ static int EncodePolicyOID(byte *out, word32 *outSz, const char *in)
|
||||
}
|
||||
else if (nb_val == 1) {
|
||||
if (val > 127) {
|
||||
XFREE(str, NUL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(str, heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return ASN_OBJECT_ID_E;
|
||||
}
|
||||
|
||||
if (idx > *outSz) {
|
||||
XFREE(str, NUL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(str, heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return BUFFER_E;
|
||||
}
|
||||
|
||||
@@ -6580,7 +6583,7 @@ static int EncodePolicyOID(byte *out, word32 *outSz, const char *in)
|
||||
}
|
||||
|
||||
if ((idx+(word32)i) > *outSz) {
|
||||
XFREE(str, NUL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(str, heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return BUFFER_E;
|
||||
}
|
||||
|
||||
@@ -6597,7 +6600,7 @@ static int EncodePolicyOID(byte *out, word32 *outSz, const char *in)
|
||||
|
||||
*outSz = idx;
|
||||
|
||||
XFREE(str, NUL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(str, heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return 0;
|
||||
}
|
||||
|
||||
@@ -6608,7 +6611,8 @@ static int EncodePolicyOID(byte *out, word32 *outSz, const char *in)
|
||||
static int SetCertificatePolicies(byte *output,
|
||||
word32 outputSz,
|
||||
char input[MAX_CERTPOL_NB][MAX_CERTPOL_SZ],
|
||||
word16 nb_certpol)
|
||||
word16 nb_certpol,
|
||||
void* heap)
|
||||
{
|
||||
byte oid[MAX_OID_SZ],
|
||||
der_oid[MAX_CERTPOL_NB][MAX_OID_SZ],
|
||||
@@ -6627,7 +6631,7 @@ static int SetCertificatePolicies(byte *output,
|
||||
oidSz = sizeof(oid);
|
||||
XMEMSET(oid, 0, oidSz);
|
||||
|
||||
ret = EncodePolicyOID(oid, &oidSz, input[i]);
|
||||
ret = EncodePolicyOID(oid, &oidSz, input[i], heap);
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
|
||||
@@ -6982,7 +6986,7 @@ static int EncodeCert(Cert* cert, DerCert* der, RsaKey* rsaKey, ecc_key* eccKey,
|
||||
return AKID_E;
|
||||
|
||||
der->akidSz = SetAKID(der->akid, sizeof(der->akid),
|
||||
cert->akid, cert->akidSz);
|
||||
cert->akid, cert->akidSz, cert->heap);
|
||||
if (der->akidSz <= 0)
|
||||
return AKID_E;
|
||||
|
||||
@@ -7008,7 +7012,8 @@ static int EncodeCert(Cert* cert, DerCert* der, RsaKey* rsaKey, ecc_key* eccKey,
|
||||
der->certPoliciesSz = SetCertificatePolicies(der->certPolicies,
|
||||
sizeof(der->certPolicies),
|
||||
cert->certPolicies,
|
||||
cert->certPoliciesNb);
|
||||
cert->certPoliciesNb,
|
||||
cert->heap);
|
||||
if (der->certPoliciesSz <= 0)
|
||||
return CERTPOLICIES_E;
|
||||
|
||||
@@ -7679,7 +7684,8 @@ static int SetKeyIdFromPublicKey(Cert *cert, RsaKey *rsakey, ecc_key *eckey,
|
||||
(kid_type != SKID_TYPE && kid_type != AKID_TYPE))
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
buffer = (byte *)XMALLOC(MAX_PUBLIC_KEY_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
buffer = (byte *)XMALLOC(MAX_PUBLIC_KEY_SZ, cert->heap,
|
||||
DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (buffer == NULL)
|
||||
return MEMORY_E;
|
||||
|
||||
@@ -7705,7 +7711,7 @@ static int SetKeyIdFromPublicKey(Cert *cert, RsaKey *rsakey, ecc_key *eckey,
|
||||
bufferSz = -1;
|
||||
|
||||
if (bufferSz <= 0) {
|
||||
XFREE(buffer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(buffer, cert->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return PUBLIC_KEY_E;
|
||||
}
|
||||
|
||||
@@ -7734,7 +7740,7 @@ static int SetKeyIdFromPublicKey(Cert *cert, RsaKey *rsakey, ecc_key *eckey,
|
||||
ret = BAD_FUNC_ARG;
|
||||
#endif /* NO_SHA */
|
||||
|
||||
XFREE(buffer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(buffer, cert->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return ret;
|
||||
}
|
||||
|
||||
@@ -7774,7 +7780,7 @@ int wc_SetSubjectKeyId(Cert *cert, const char* file)
|
||||
if (cert == NULL || file == NULL)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
der = (byte*)XMALLOC(MAX_PUBLIC_KEY_SZ, NULL, DYNAMIC_TYPE_CERT);
|
||||
der = (byte*)XMALLOC(MAX_PUBLIC_KEY_SZ, cert->heap, DYNAMIC_TYPE_CERT);
|
||||
if (der == NULL) {
|
||||
WOLFSSL_MSG("wc_SetSubjectKeyId memory Problem");
|
||||
return MEMORY_E;
|
||||
@@ -7783,21 +7789,21 @@ int wc_SetSubjectKeyId(Cert *cert, const char* file)
|
||||
derSz = wolfSSL_PemPubKeyToDer(file, der, MAX_PUBLIC_KEY_SZ);
|
||||
if (derSz <= 0)
|
||||
{
|
||||
XFREE(der, NULL, DYNAMIC_TYPE_CERT);
|
||||
XFREE(der, cert->heap, DYNAMIC_TYPE_CERT);
|
||||
return derSz;
|
||||
}
|
||||
|
||||
/* Load PubKey in internal structure */
|
||||
rsakey = (RsaKey*) XMALLOC(sizeof(RsaKey), NULL, DYNAMIC_TYPE_RSA);
|
||||
rsakey = (RsaKey*) XMALLOC(sizeof(RsaKey), cert->heap, DYNAMIC_TYPE_RSA);
|
||||
if (rsakey == NULL) {
|
||||
XFREE(der, NULL, DYNAMIC_TYPE_CERT);
|
||||
XFREE(der, cert->heap, DYNAMIC_TYPE_CERT);
|
||||
return MEMORY_E;
|
||||
}
|
||||
|
||||
if (wc_InitRsaKey(rsakey, NULL) != 0) {
|
||||
if (wc_InitRsaKey(rsakey, cert->heap) != 0) {
|
||||
WOLFSSL_MSG("wc_InitRsaKey failure");
|
||||
XFREE(rsakey, NULL, DYNAMIC_TYPE_RSA);
|
||||
XFREE(der, NULL, DYNAMIC_TYPE_CERT);
|
||||
XFREE(rsakey, cert->heap, DYNAMIC_TYPE_RSA);
|
||||
XFREE(der, cert->heap, DYNAMIC_TYPE_CERT);
|
||||
return MEMORY_E;
|
||||
}
|
||||
|
||||
@@ -7806,21 +7812,22 @@ int wc_SetSubjectKeyId(Cert *cert, const char* file)
|
||||
if (ret != 0) {
|
||||
WOLFSSL_MSG("wc_RsaPublicKeyDecode failed");
|
||||
wc_FreeRsaKey(rsakey);
|
||||
XFREE(rsakey, NULL, DYNAMIC_TYPE_RSA);
|
||||
XFREE(rsakey, cert->heap, DYNAMIC_TYPE_RSA);
|
||||
rsakey = NULL;
|
||||
#ifdef HAVE_ECC
|
||||
/* Check to load ecc public key */
|
||||
eckey = (ecc_key*) XMALLOC(sizeof(ecc_key), NULL, DYNAMIC_TYPE_ECC);
|
||||
eckey = (ecc_key*) XMALLOC(sizeof(ecc_key), cert->heap,
|
||||
DYNAMIC_TYPE_ECC);
|
||||
if (eckey == NULL) {
|
||||
XFREE(der, NULL, DYNAMIC_TYPE_CERT);
|
||||
XFREE(der, cert->heap, DYNAMIC_TYPE_CERT);
|
||||
return MEMORY_E;
|
||||
}
|
||||
|
||||
if (wc_ecc_init(eckey) != 0) {
|
||||
WOLFSSL_MSG("wc_ecc_init failure");
|
||||
wc_ecc_free(eckey);
|
||||
XFREE(eckey, NULL, DYNAMIC_TYPE_ECC);
|
||||
XFREE(der, NULL, DYNAMIC_TYPE_CERT);
|
||||
XFREE(eckey, cert->heap, DYNAMIC_TYPE_ECC);
|
||||
XFREE(der, cert->heap, DYNAMIC_TYPE_CERT);
|
||||
return MEMORY_E;
|
||||
}
|
||||
|
||||
@@ -7828,25 +7835,25 @@ int wc_SetSubjectKeyId(Cert *cert, const char* file)
|
||||
ret = wc_EccPublicKeyDecode(der, &idx, eckey, derSz);
|
||||
if (ret != 0) {
|
||||
WOLFSSL_MSG("wc_EccPublicKeyDecode failed");
|
||||
XFREE(der, NULL, DYNAMIC_TYPE_CERT);
|
||||
XFREE(der, cert->heap, DYNAMIC_TYPE_CERT);
|
||||
wc_ecc_free(eckey);
|
||||
return PUBLIC_KEY_E;
|
||||
}
|
||||
#else
|
||||
XFREE(der, NULL, DYNAMIC_TYPE_CERT);
|
||||
XFREE(der, cert->heap, DYNAMIC_TYPE_CERT);
|
||||
return PUBLIC_KEY_E;
|
||||
#endif /* HAVE_ECC */
|
||||
}
|
||||
|
||||
XFREE(der, NULL, DYNAMIC_TYPE_CERT);
|
||||
XFREE(der, cert->heap, DYNAMIC_TYPE_CERT);
|
||||
|
||||
ret = wc_SetSubjectKeyIdFromPublicKey(cert, rsakey, eckey);
|
||||
|
||||
wc_FreeRsaKey(rsakey);
|
||||
XFREE(rsakey, NULL, DYNAMIC_TYPE_RSA);
|
||||
XFREE(rsakey, cert->heap, DYNAMIC_TYPE_RSA);
|
||||
#ifdef HAVE_ECC
|
||||
wc_ecc_free(eckey);
|
||||
XFREE(eckey, NULL, DYNAMIC_TYPE_ECC);
|
||||
XFREE(eckey, cert->heap, DYNAMIC_TYPE_ECC);
|
||||
#endif
|
||||
return ret;
|
||||
}
|
||||
@@ -7915,7 +7922,7 @@ int wc_SetAuthKeyId(Cert *cert, const char* file)
|
||||
if (cert == NULL || file == NULL)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
der = (byte*)XMALLOC(EIGHTK_BUF, NULL, DYNAMIC_TYPE_CERT);
|
||||
der = (byte*)XMALLOC(EIGHTK_BUF, cert->heap, DYNAMIC_TYPE_CERT);
|
||||
if (der == NULL) {
|
||||
WOLFSSL_MSG("wc_SetAuthKeyId OOF Problem");
|
||||
return MEMORY_E;
|
||||
@@ -7924,12 +7931,12 @@ int wc_SetAuthKeyId(Cert *cert, const char* file)
|
||||
derSz = wolfSSL_PemCertToDer(file, der, EIGHTK_BUF);
|
||||
if (derSz <= 0)
|
||||
{
|
||||
XFREE(der, NULL, DYNAMIC_TYPE_CERT);
|
||||
XFREE(der, cert->heap, DYNAMIC_TYPE_CERT);
|
||||
return derSz;
|
||||
}
|
||||
|
||||
ret = wc_SetAuthKeyIdFromCert(cert, der, derSz);
|
||||
XFREE(der, NULL, DYNAMIC_TYPE_CERT);
|
||||
XFREE(der, cert->heap, DYNAMIC_TYPE_CERT);
|
||||
|
||||
return ret;
|
||||
}
|
||||
@@ -7947,7 +7954,8 @@ int wc_SetKeyUsage(Cert *cert, const char *value)
|
||||
|
||||
cert->keyUsage = 0;
|
||||
|
||||
str = (char *)XMALLOC(XSTRLEN(value)+1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
str = (char *)XMALLOC(XSTRLEN(value)+1, cert->heap,
|
||||
DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (str == NULL)
|
||||
return MEMORY_E;
|
||||
|
||||
@@ -7985,7 +7993,7 @@ int wc_SetKeyUsage(Cert *cert, const char *value)
|
||||
token = XSTRTOK(NULL, ",", &ptr);
|
||||
}
|
||||
|
||||
XFREE(str, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(str, cert->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return 0;
|
||||
}
|
||||
#endif /* WOLFSSL_CERT_EXT */
|
||||
@@ -8246,7 +8254,7 @@ int wc_SetIssuer(Cert* cert, const char* issuerFile)
|
||||
{
|
||||
int ret;
|
||||
int derSz;
|
||||
byte* der = (byte*)XMALLOC(EIGHTK_BUF, NULL, DYNAMIC_TYPE_CERT);
|
||||
byte* der = (byte*)XMALLOC(EIGHTK_BUF, cert->heap, DYNAMIC_TYPE_CERT);
|
||||
|
||||
if (der == NULL) {
|
||||
WOLFSSL_MSG("wc_SetIssuer OOF Problem");
|
||||
@@ -8255,7 +8263,7 @@ int wc_SetIssuer(Cert* cert, const char* issuerFile)
|
||||
derSz = wolfSSL_PemCertToDer(issuerFile, der, EIGHTK_BUF);
|
||||
cert->selfSigned = 0;
|
||||
ret = SetNameFromCert(&cert->issuer, der, derSz);
|
||||
XFREE(der, NULL, DYNAMIC_TYPE_CERT);
|
||||
XFREE(der, cert->heap, DYNAMIC_TYPE_CERT);
|
||||
|
||||
return ret;
|
||||
}
|
||||
@@ -8266,7 +8274,7 @@ int wc_SetSubject(Cert* cert, const char* subjectFile)
|
||||
{
|
||||
int ret;
|
||||
int derSz;
|
||||
byte* der = (byte*)XMALLOC(EIGHTK_BUF, NULL, DYNAMIC_TYPE_CERT);
|
||||
byte* der = (byte*)XMALLOC(EIGHTK_BUF, cert->heap, DYNAMIC_TYPE_CERT);
|
||||
|
||||
if (der == NULL) {
|
||||
WOLFSSL_MSG("wc_SetSubject OOF Problem");
|
||||
@@ -8274,7 +8282,7 @@ int wc_SetSubject(Cert* cert, const char* subjectFile)
|
||||
}
|
||||
derSz = wolfSSL_PemCertToDer(subjectFile, der, EIGHTK_BUF);
|
||||
ret = SetNameFromCert(&cert->subject, der, derSz);
|
||||
XFREE(der, NULL, DYNAMIC_TYPE_CERT);
|
||||
XFREE(der, cert->heap, DYNAMIC_TYPE_CERT);
|
||||
|
||||
return ret;
|
||||
}
|
||||
@@ -8287,7 +8295,7 @@ int wc_SetAltNames(Cert* cert, const char* file)
|
||||
{
|
||||
int ret;
|
||||
int derSz;
|
||||
byte* der = (byte*)XMALLOC(EIGHTK_BUF, NULL, DYNAMIC_TYPE_CERT);
|
||||
byte* der = (byte*)XMALLOC(EIGHTK_BUF, cert->heap, DYNAMIC_TYPE_CERT);
|
||||
|
||||
if (der == NULL) {
|
||||
WOLFSSL_MSG("wc_SetAltNames OOF Problem");
|
||||
@@ -8295,7 +8303,7 @@ int wc_SetAltNames(Cert* cert, const char* file)
|
||||
}
|
||||
derSz = wolfSSL_PemCertToDer(file, der, EIGHTK_BUF);
|
||||
ret = SetAltNamesFromCert(cert, der, derSz);
|
||||
XFREE(der, NULL, DYNAMIC_TYPE_CERT);
|
||||
XFREE(der, cert->heap, DYNAMIC_TYPE_CERT);
|
||||
|
||||
return ret;
|
||||
}
|
||||
@@ -8646,7 +8654,7 @@ int wc_EccKeyToDer(ecc_key* key, byte* output, word32 inLen)
|
||||
/* private */
|
||||
privSz = key->dp->size;
|
||||
prv = (byte*)XMALLOC(privSz + privHdrSz + MAX_SEQ_SZ,
|
||||
NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (prv == NULL) {
|
||||
return MEMORY_E;
|
||||
}
|
||||
@@ -8654,7 +8662,7 @@ int wc_EccKeyToDer(ecc_key* key, byte* output, word32 inLen)
|
||||
prv[prvidx++] = (byte)key->dp->size;
|
||||
ret = wc_ecc_export_private_only(key, prv + prvidx, &privSz);
|
||||
if (ret < 0) {
|
||||
XFREE(prv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(prv, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return ret;
|
||||
}
|
||||
prvidx += privSz;
|
||||
@@ -8662,14 +8670,14 @@ int wc_EccKeyToDer(ecc_key* key, byte* output, word32 inLen)
|
||||
/* public */
|
||||
ret = wc_ecc_export_x963(key, NULL, &pubSz);
|
||||
if (ret != LENGTH_ONLY_E) {
|
||||
XFREE(prv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(prv, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return ret;
|
||||
}
|
||||
|
||||
pub = (byte*)XMALLOC(pubSz + pubHdrSz + MAX_SEQ_SZ,
|
||||
NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (pub == NULL) {
|
||||
XFREE(prv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(prv, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return MEMORY_E;
|
||||
}
|
||||
|
||||
@@ -8683,8 +8691,8 @@ int wc_EccKeyToDer(ecc_key* key, byte* output, word32 inLen)
|
||||
pub[pubidx++] = (byte)0; /* leading zero */
|
||||
ret = wc_ecc_export_x963(key, pub + pubidx, &pubSz);
|
||||
if (ret != 0) {
|
||||
XFREE(prv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(pub, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(prv, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(pub, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return ret;
|
||||
}
|
||||
pubidx += pubSz;
|
||||
@@ -8695,8 +8703,8 @@ int wc_EccKeyToDer(ecc_key* key, byte* output, word32 inLen)
|
||||
|
||||
totalSz = prvidx + pubidx + curveidx + verSz + seqSz;
|
||||
if (totalSz > (int)inLen) {
|
||||
XFREE(prv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(pub, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(prv, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(pub, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
@@ -8712,7 +8720,7 @@ int wc_EccKeyToDer(ecc_key* key, byte* output, word32 inLen)
|
||||
/* private */
|
||||
XMEMCPY(output + idx, prv, prvidx);
|
||||
idx += prvidx;
|
||||
XFREE(prv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(prv, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
|
||||
/* curve */
|
||||
XMEMCPY(output + idx, curve, curveidx);
|
||||
@@ -8721,7 +8729,7 @@ int wc_EccKeyToDer(ecc_key* key, byte* output, word32 inLen)
|
||||
/* public */
|
||||
XMEMCPY(output + idx, pub, pubidx);
|
||||
/* idx += pubidx; not used after write, if more data remove comment */
|
||||
XFREE(pub, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(pub, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
|
||||
return totalSz;
|
||||
}
|
||||
@@ -9344,8 +9352,9 @@ int InitOcspRequest(OcspRequest* req, DecodedCert* cert, byte useNonce)
|
||||
if (cert) {
|
||||
XMEMCPY(req->issuerHash, cert->issuerHash, KEYID_SIZE);
|
||||
XMEMCPY(req->issuerKeyHash, cert->issuerKeyHash, KEYID_SIZE);
|
||||
req->heap = cert->heap;
|
||||
|
||||
req->serial = (byte*)XMALLOC(cert->serialSz, NULL,
|
||||
req->serial = (byte*)XMALLOC(cert->serialSz, req->heap,
|
||||
DYNAMIC_TYPE_OCSP_REQUEST);
|
||||
if (req->serial == NULL)
|
||||
return MEMORY_E;
|
||||
@@ -9354,10 +9363,10 @@ int InitOcspRequest(OcspRequest* req, DecodedCert* cert, byte useNonce)
|
||||
req->serialSz = cert->serialSz;
|
||||
|
||||
if (cert->extAuthInfoSz != 0 && cert->extAuthInfo != NULL) {
|
||||
req->url = (byte*)XMALLOC(cert->extAuthInfoSz, NULL,
|
||||
req->url = (byte*)XMALLOC(cert->extAuthInfoSz, req->heap,
|
||||
DYNAMIC_TYPE_OCSP_REQUEST);
|
||||
if (req->url == NULL) {
|
||||
XFREE(req->serial, NULL, DYNAMIC_TYPE_OCSP);
|
||||
XFREE(req->serial, req->heap, DYNAMIC_TYPE_OCSP);
|
||||
return MEMORY_E;
|
||||
}
|
||||
|
||||
@@ -9391,10 +9400,10 @@ void FreeOcspRequest(OcspRequest* req)
|
||||
|
||||
if (req) {
|
||||
if (req->serial)
|
||||
XFREE(req->serial, NULL, DYNAMIC_TYPE_OCSP_REQUEST);
|
||||
XFREE(req->serial, req->heap, DYNAMIC_TYPE_OCSP_REQUEST);
|
||||
|
||||
if (req->url)
|
||||
XFREE(req->url, NULL, DYNAMIC_TYPE_OCSP_REQUEST);
|
||||
XFREE(req->url, req->heap, DYNAMIC_TYPE_OCSP_REQUEST);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -9572,7 +9581,8 @@ static int GetRevoked(const byte* buff, word32* idx, DecodedCRL* dcrl,
|
||||
return ASN_PARSE_E;
|
||||
}
|
||||
|
||||
rc = (RevokedCert*)XMALLOC(sizeof(RevokedCert), NULL, DYNAMIC_TYPE_CRL);
|
||||
rc = (RevokedCert*)XMALLOC(sizeof(RevokedCert), dcrl->heap,
|
||||
DYNAMIC_TYPE_CRL);
|
||||
if (rc == NULL) {
|
||||
WOLFSSL_MSG("Alloc Revoked Cert failed");
|
||||
return MEMORY_E;
|
||||
|
||||
+20
-10
@@ -56,6 +56,7 @@ enum {
|
||||
void wc_InitDsaKey(DsaKey* key)
|
||||
{
|
||||
key->type = -1; /* haven't decided yet */
|
||||
key->heap = NULL;
|
||||
|
||||
/* TomsFastMath doesn't use memory allocation */
|
||||
#ifndef USE_FAST_MATH
|
||||
@@ -69,6 +70,15 @@ void wc_InitDsaKey(DsaKey* key)
|
||||
}
|
||||
|
||||
|
||||
int wc_InitDsaKey_h(DsaKey* key, void* h)
|
||||
{
|
||||
wc_InitDsaKey(key);
|
||||
key->heap = h;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
void wc_FreeDsaKey(DsaKey* key)
|
||||
{
|
||||
(void)key;
|
||||
@@ -98,13 +108,13 @@ int wc_MakeDsaKey(WC_RNG *rng, DsaKey *dsa)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
/* allocate ram */
|
||||
buf = (unsigned char *)XMALLOC(qsize, NULL,
|
||||
buf = (unsigned char *)XMALLOC(qsize, dsa->heap,
|
||||
DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (buf == NULL)
|
||||
return MEMORY_E;
|
||||
|
||||
if (mp_init(&dsa->x) != MP_OKAY) {
|
||||
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(buf, dsa->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return MP_INIT_E;
|
||||
}
|
||||
|
||||
@@ -113,19 +123,19 @@ int wc_MakeDsaKey(WC_RNG *rng, DsaKey *dsa)
|
||||
err = wc_RNG_GenerateBlock(rng, buf, qsize);
|
||||
if (err != MP_OKAY) {
|
||||
mp_clear(&dsa->x);
|
||||
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(buf, dsa->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return err;
|
||||
}
|
||||
|
||||
err = mp_read_unsigned_bin(&dsa->x, buf, qsize);
|
||||
if (err != MP_OKAY) {
|
||||
mp_clear(&dsa->x);
|
||||
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(buf, dsa->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return err;
|
||||
}
|
||||
} while (mp_cmp_d(&dsa->x, 1) != MP_GT);
|
||||
|
||||
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(buf, dsa->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
|
||||
if (mp_init(&dsa->y) != MP_OKAY) {
|
||||
mp_clear(&dsa->x);
|
||||
@@ -178,7 +188,7 @@ int wc_MakeDsaParameters(WC_RNG *rng, int modulus_size, DsaKey *dsa)
|
||||
|
||||
/* allocate ram */
|
||||
buf = (unsigned char *)XMALLOC(msize - qsize,
|
||||
NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
dsa->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (buf == NULL) {
|
||||
return MEMORY_E;
|
||||
}
|
||||
@@ -186,7 +196,7 @@ int wc_MakeDsaParameters(WC_RNG *rng, int modulus_size, DsaKey *dsa)
|
||||
/* make a random string that will be multplied against q */
|
||||
err = wc_RNG_GenerateBlock(rng, buf, msize - qsize);
|
||||
if (err != MP_OKAY) {
|
||||
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(buf, dsa->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return err;
|
||||
}
|
||||
|
||||
@@ -198,7 +208,7 @@ int wc_MakeDsaParameters(WC_RNG *rng, int modulus_size, DsaKey *dsa)
|
||||
|
||||
if (mp_init_multi(&tmp2, &dsa->p, &dsa->q, 0, 0, 0) != MP_OKAY) {
|
||||
mp_clear(&dsa->q);
|
||||
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(buf, dsa->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return MP_INIT_E;
|
||||
}
|
||||
|
||||
@@ -207,10 +217,10 @@ int wc_MakeDsaParameters(WC_RNG *rng, int modulus_size, DsaKey *dsa)
|
||||
mp_clear(&dsa->q);
|
||||
mp_clear(&dsa->p);
|
||||
mp_clear(&tmp2);
|
||||
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(buf, dsa->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return err;
|
||||
}
|
||||
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(buf, dsa->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
|
||||
/* make our prime q */
|
||||
err = mp_rand_prime(&dsa->q, qsize, rng, NULL);
|
||||
|
||||
+153
-67
@@ -238,7 +238,7 @@ int ecc_projective_dbl_point(ecc_point* P, ecc_point* R, mp_int* modulus,
|
||||
static int ecc_check_pubkey_order(ecc_key* key, mp_int* prime, mp_int* order);
|
||||
#ifdef ECC_SHAMIR
|
||||
static int ecc_mul2add(ecc_point* A, mp_int* kA, ecc_point* B, mp_int* kB,
|
||||
ecc_point* C, mp_int* modulus);
|
||||
ecc_point* C, mp_int* modulus, void* heap);
|
||||
#endif
|
||||
|
||||
int mp_jacobi(mp_int* a, mp_int* p, int* c);
|
||||
@@ -833,8 +833,8 @@ int ecc_map(ecc_point* P, mp_int* modulus, mp_digit* mp)
|
||||
static int normal_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R,
|
||||
mp_int* modulus, int map)
|
||||
#else
|
||||
int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
|
||||
int map)
|
||||
static int wc_ecc_mulmod_ex(mp_int* k, ecc_point *G, ecc_point *R,
|
||||
mp_int* modulus, int map, void* heap)
|
||||
#endif
|
||||
{
|
||||
ecc_point *tG, *M[8];
|
||||
@@ -862,10 +862,10 @@ int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
|
||||
|
||||
/* alloc ram for window temps */
|
||||
for (i = 0; i < 8; i++) {
|
||||
M[i] = wc_ecc_new_point();
|
||||
M[i] = wc_ecc_new_point_h(heap);
|
||||
if (M[i] == NULL) {
|
||||
for (j = 0; j < i; j++) {
|
||||
wc_ecc_del_point(M[j]);
|
||||
wc_ecc_del_point_h(M[j], heap);
|
||||
}
|
||||
mp_clear(&mu);
|
||||
return MEMORY_E;
|
||||
@@ -873,7 +873,7 @@ int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
|
||||
}
|
||||
|
||||
/* make a copy of G in case R==G */
|
||||
tG = wc_ecc_new_point();
|
||||
tG = wc_ecc_new_point_h(heap);
|
||||
if (tG == NULL)
|
||||
err = MEMORY_E;
|
||||
|
||||
@@ -1023,13 +1023,20 @@ int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
|
||||
err = ecc_map(R, modulus, &mp);
|
||||
|
||||
mp_clear(&mu);
|
||||
wc_ecc_del_point(tG);
|
||||
wc_ecc_del_point_h(tG, heap);
|
||||
for (i = 0; i < 8; i++) {
|
||||
wc_ecc_del_point(M[i]);
|
||||
wc_ecc_del_point_h(M[i], heap);
|
||||
}
|
||||
return err;
|
||||
}
|
||||
|
||||
#ifndef FP_ECC
|
||||
int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R,
|
||||
mp_int* modulus, int map)
|
||||
{
|
||||
return wc_ecc_mulmod_ex(k, G, R, modulus, map, NULL);
|
||||
}
|
||||
#endif /* ! FP_ECC */
|
||||
#undef WINSIZE
|
||||
|
||||
#else /* ECC_TIMING_RESISTANT */
|
||||
@@ -1046,10 +1053,10 @@ int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
|
||||
*/
|
||||
#ifdef FP_ECC
|
||||
static int normal_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R,
|
||||
mp_int* modulus, int map)
|
||||
mp_int* modulus, int map, void* heap)
|
||||
#else
|
||||
int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
|
||||
int map)
|
||||
static int wc_ecc_mulmod_ex(mp_int* k, ecc_point *G, ecc_point *R,
|
||||
mp_int* modulus, int map, void* heap)
|
||||
#endif
|
||||
{
|
||||
ecc_point *tG, *M[3];
|
||||
@@ -1076,7 +1083,7 @@ int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
|
||||
|
||||
/* alloc ram for window temps */
|
||||
for (i = 0; i < 3; i++) {
|
||||
M[i] = wc_ecc_new_point();
|
||||
M[i] = wc_ecc_new_point_h(heap);
|
||||
if (M[i] == NULL) {
|
||||
for (j = 0; j < i; j++) {
|
||||
wc_ecc_del_point(M[j]);
|
||||
@@ -1087,7 +1094,7 @@ int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
|
||||
}
|
||||
|
||||
/* make a copy of G in case R==G */
|
||||
tG = wc_ecc_new_point();
|
||||
tG = wc_ecc_new_point_h(heap);
|
||||
if (tG == NULL)
|
||||
err = MEMORY_E;
|
||||
|
||||
@@ -1183,13 +1190,21 @@ int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
|
||||
|
||||
/* done */
|
||||
mp_clear(&mu);
|
||||
wc_ecc_del_point(tG);
|
||||
wc_ecc_del_point_h(tG, heap);
|
||||
for (i = 0; i < 3; i++) {
|
||||
wc_ecc_del_point(M[i]);
|
||||
wc_ecc_del_point_h(M[i], heap);
|
||||
}
|
||||
return err;
|
||||
}
|
||||
|
||||
|
||||
#ifndef FP_ECC
|
||||
int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R,
|
||||
mp_int* modulus, int map)
|
||||
{
|
||||
return wc_ecc_mulmod_ex(k, G, R, modulus, map, NULL);
|
||||
}
|
||||
#endif /* ! FP_ECC */
|
||||
#endif /* ECC_TIMING_RESISTANT */
|
||||
|
||||
|
||||
@@ -1205,14 +1220,14 @@ static void alt_fp_init(fp_int* a)
|
||||
|
||||
|
||||
/**
|
||||
Allocate a new ECC point
|
||||
return A newly allocated point or NULL on error
|
||||
*/
|
||||
ecc_point* wc_ecc_new_point(void)
|
||||
* use a heap hint when creating new ecc_point
|
||||
* return an allocated point on success or NULL on failure
|
||||
*/
|
||||
ecc_point* wc_ecc_new_point_h(void* heap)
|
||||
{
|
||||
ecc_point* p;
|
||||
|
||||
p = (ecc_point*)XMALLOC(sizeof(ecc_point), 0, DYNAMIC_TYPE_ECC);
|
||||
p = (ecc_point*)XMALLOC(sizeof(ecc_point), heap, DYNAMIC_TYPE_ECC);
|
||||
if (p == NULL) {
|
||||
return NULL;
|
||||
}
|
||||
@@ -1241,20 +1256,39 @@ ecc_point* wc_ecc_new_point(void)
|
||||
return p;
|
||||
}
|
||||
|
||||
/** Free an ECC point from memory
|
||||
p The point to free
|
||||
|
||||
/**
|
||||
Allocate a new ECC point
|
||||
return A newly allocated point or NULL on error
|
||||
*/
|
||||
void wc_ecc_del_point(ecc_point* p)
|
||||
ecc_point* wc_ecc_new_point(void)
|
||||
{
|
||||
return wc_ecc_new_point_h(NULL);
|
||||
}
|
||||
|
||||
|
||||
void wc_ecc_del_point_h(ecc_point* p, void* heap)
|
||||
{
|
||||
/* prevents free'ing null arguments */
|
||||
if (p != NULL) {
|
||||
mp_clear(p->x);
|
||||
mp_clear(p->y);
|
||||
mp_clear(p->z);
|
||||
XFREE(p, 0, DYNAMIC_TYPE_ECC);
|
||||
XFREE(p, heap, DYNAMIC_TYPE_ECC);
|
||||
}
|
||||
(void)heap;
|
||||
}
|
||||
|
||||
|
||||
/** Free an ECC point from memory
|
||||
p The point to free
|
||||
*/
|
||||
void wc_ecc_del_point(ecc_point* p)
|
||||
{
|
||||
wc_ecc_del_point_h(p, NULL);
|
||||
}
|
||||
|
||||
|
||||
/** Copy the value of a point to an other one
|
||||
p The point to copy
|
||||
r The created point
|
||||
@@ -1328,7 +1362,7 @@ int wc_ecc_is_valid_idx(int n)
|
||||
#ifdef HAVE_ECC_DHE
|
||||
/**
|
||||
Create an ECC shared secret between two keys
|
||||
private_key The private ECC key
|
||||
private_key The private ECC key (heap hint based off of private key)
|
||||
public_key The public key
|
||||
out [out] Destination of the shared secret
|
||||
Conforms to EC-DH from ANSI X9.63
|
||||
@@ -1362,7 +1396,7 @@ int wc_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, byte* out,
|
||||
return ECC_BAD_ARG_E;
|
||||
|
||||
/* make new point */
|
||||
result = wc_ecc_new_point();
|
||||
result = wc_ecc_new_point_h(private_key->heap);
|
||||
if (result == NULL) {
|
||||
return MEMORY_E;
|
||||
}
|
||||
@@ -1375,7 +1409,8 @@ int wc_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, byte* out,
|
||||
err = mp_read_radix(&prime, (char *)private_key->dp->prime, 16);
|
||||
|
||||
if (err == MP_OKAY)
|
||||
err = wc_ecc_mulmod(&private_key->k, &public_key->pubkey, result, &prime,1);
|
||||
err = wc_ecc_mulmod_ex(&private_key->k, &public_key->pubkey, result,
|
||||
&prime, 1, private_key->heap);
|
||||
|
||||
if (err == MP_OKAY) {
|
||||
x = mp_unsigned_bin_size(&prime);
|
||||
@@ -1391,14 +1426,14 @@ int wc_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, byte* out,
|
||||
}
|
||||
|
||||
mp_clear(&prime);
|
||||
wc_ecc_del_point(result);
|
||||
wc_ecc_del_point_h(result, private_key->heap);
|
||||
|
||||
return err;
|
||||
}
|
||||
|
||||
/**
|
||||
Create an ECC shared secret between private key and public point
|
||||
private_key The private ECC key
|
||||
private_key The private ECC key (heap hint based on private key)
|
||||
point The point to use (public key)
|
||||
out [out] Destination of the shared secret
|
||||
Conforms to EC-DH from ANSI X9.63
|
||||
@@ -1426,13 +1461,13 @@ int wc_ecc_shared_secret_ssh(ecc_key* private_key, ecc_point* point,
|
||||
return ECC_BAD_ARG_E;
|
||||
|
||||
/* make new point */
|
||||
result = wc_ecc_new_point();
|
||||
result = wc_ecc_new_point_h(private_key->heap);
|
||||
if (result == NULL) {
|
||||
return MEMORY_E;
|
||||
}
|
||||
|
||||
if ((err = mp_init(&prime)) != MP_OKAY) {
|
||||
wc_ecc_del_point(result);
|
||||
wc_ecc_del_point_h(result, private_key->heap);
|
||||
return err;
|
||||
}
|
||||
|
||||
@@ -1455,7 +1490,7 @@ int wc_ecc_shared_secret_ssh(ecc_key* private_key, ecc_point* point,
|
||||
}
|
||||
|
||||
mp_clear(&prime);
|
||||
wc_ecc_del_point(result);
|
||||
wc_ecc_del_point_h(result, private_key->heap);
|
||||
|
||||
return err;
|
||||
}
|
||||
@@ -1531,7 +1566,7 @@ static int wc_ecc_make_key_ex(WC_RNG* rng, ecc_key* key, const ecc_set_type* dp)
|
||||
}
|
||||
|
||||
if (err == MP_OKAY) {
|
||||
base = wc_ecc_new_point();
|
||||
base = wc_ecc_new_point_h(key->heap);
|
||||
if (base == NULL)
|
||||
err = MEMORY_E;
|
||||
}
|
||||
@@ -1564,7 +1599,8 @@ static int wc_ecc_make_key_ex(WC_RNG* rng, ecc_key* key, const ecc_set_type* dp)
|
||||
}
|
||||
/* make the public key */
|
||||
if (err == MP_OKAY)
|
||||
err = wc_ecc_mulmod(&key->k, base, &key->pubkey, &prime, 1);
|
||||
err = wc_ecc_mulmod_ex(&key->k, base, &key->pubkey, &prime, 1,
|
||||
key->heap);
|
||||
|
||||
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
|
||||
/* validate the public key, order * pubkey = point at infinity */
|
||||
@@ -1582,7 +1618,7 @@ static int wc_ecc_make_key_ex(WC_RNG* rng, ecc_key* key, const ecc_set_type* dp)
|
||||
mp_clear(key->pubkey.z);
|
||||
mp_forcezero(&key->k);
|
||||
}
|
||||
wc_ecc_del_point(base);
|
||||
wc_ecc_del_point_h(base, key->heap);
|
||||
if (po_init) {
|
||||
mp_clear(&prime);
|
||||
mp_clear(&order);
|
||||
@@ -1650,10 +1686,33 @@ int wc_ecc_init(ecc_key* key)
|
||||
alt_fp_init(key->pubkey.z);
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_HEAP_TEST
|
||||
key->heap = (void*)WOLFSSL_HEAP_TEST;
|
||||
#else
|
||||
key->heap = NULL;
|
||||
#endif
|
||||
|
||||
return MP_OKAY;
|
||||
}
|
||||
|
||||
|
||||
int wc_ecc_init_h(ecc_key* key, void* heap)
|
||||
{
|
||||
int ret;
|
||||
|
||||
if (key == NULL) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
if ((ret = wc_ecc_init(key)) != MP_OKAY) {
|
||||
return ret;
|
||||
}
|
||||
|
||||
key->heap = heap;
|
||||
|
||||
return MP_OKAY;
|
||||
}
|
||||
|
||||
#ifdef HAVE_ECC_SIGN
|
||||
|
||||
#ifndef NO_ASN
|
||||
@@ -1835,11 +1894,11 @@ void wc_ecc_free(ecc_key* key)
|
||||
#ifdef FP_ECC
|
||||
static int normal_ecc_mul2add(ecc_point* A, mp_int* kA,
|
||||
ecc_point* B, mp_int* kB,
|
||||
ecc_point* C, mp_int* modulus)
|
||||
ecc_point* C, mp_int* modulus, void* heap)
|
||||
#else
|
||||
static int ecc_mul2add(ecc_point* A, mp_int* kA,
|
||||
ecc_point* B, mp_int* kB,
|
||||
ecc_point* C, mp_int* modulus)
|
||||
ecc_point* C, mp_int* modulus, void* heap)
|
||||
#endif
|
||||
{
|
||||
ecc_point* precomp[16];
|
||||
@@ -1859,11 +1918,11 @@ static int ecc_mul2add(ecc_point* A, mp_int* kA,
|
||||
|
||||
|
||||
/* allocate memory */
|
||||
tA = (unsigned char*)XMALLOC(ECC_BUFSIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
tA = (unsigned char*)XMALLOC(ECC_BUFSIZE, heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (tA == NULL) {
|
||||
return GEN_MEM_ERR;
|
||||
}
|
||||
tB = (unsigned char*)XMALLOC(ECC_BUFSIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
tB = (unsigned char*)XMALLOC(ECC_BUFSIZE, heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (tB == NULL) {
|
||||
XFREE(tA, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return GEN_MEM_ERR;
|
||||
@@ -1892,10 +1951,10 @@ static int ecc_mul2add(ecc_point* A, mp_int* kA,
|
||||
/* allocate the table */
|
||||
if (err == MP_OKAY) {
|
||||
for (x = 0; x < 16; x++) {
|
||||
precomp[x] = wc_ecc_new_point();
|
||||
precomp[x] = wc_ecc_new_point_h(heap);
|
||||
if (precomp[x] == NULL) {
|
||||
for (y = 0; y < x; ++y) {
|
||||
wc_ecc_del_point(precomp[y]);
|
||||
wc_ecc_del_point_h(precomp[y], heap);
|
||||
}
|
||||
err = GEN_MEM_ERR;
|
||||
break;
|
||||
@@ -2036,13 +2095,13 @@ static int ecc_mul2add(ecc_point* A, mp_int* kA,
|
||||
|
||||
if (tableInit) {
|
||||
for (x = 0; x < 16; x++) {
|
||||
wc_ecc_del_point(precomp[x]);
|
||||
wc_ecc_del_point_h(precomp[x], heap);
|
||||
}
|
||||
}
|
||||
ForceZero(tA, ECC_BUFSIZE);
|
||||
ForceZero(tB, ECC_BUFSIZE);
|
||||
XFREE(tA, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(tB, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(tA, heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(tB, heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
|
||||
return err;
|
||||
}
|
||||
@@ -2155,8 +2214,8 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
|
||||
}
|
||||
|
||||
/* allocate points */
|
||||
mG = wc_ecc_new_point();
|
||||
mQ = wc_ecc_new_point();
|
||||
mG = wc_ecc_new_point_h(key->heap);
|
||||
mQ = wc_ecc_new_point_h(key->heap);
|
||||
if (mQ == NULL || mG == NULL)
|
||||
err = MEMORY_E;
|
||||
|
||||
@@ -2223,9 +2282,9 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
|
||||
|
||||
/* compute u1*mG + u2*mQ = mG */
|
||||
if (err == MP_OKAY)
|
||||
err = wc_ecc_mulmod(&u1, mG, mG, &m, 0);
|
||||
err = wc_ecc_mulmod_ex(&u1, mG, mG, &m, 0, key->heap);
|
||||
if (err == MP_OKAY)
|
||||
err = wc_ecc_mulmod(&u2, mQ, mQ, &m, 0);
|
||||
err = wc_ecc_mulmod_ex(&u2, mQ, mQ, &m, 0, key->heap);
|
||||
|
||||
/* find the montgomery mp */
|
||||
if (err == MP_OKAY)
|
||||
@@ -2242,7 +2301,7 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
|
||||
#else
|
||||
/* use Shamir's trick to compute u1*mG + u2*mQ using half the doubles */
|
||||
if (err == MP_OKAY)
|
||||
err = ecc_mul2add(mG, &u1, mQ, &u2, mG, &m);
|
||||
err = ecc_mul2add(mG, &u1, mQ, &u2, mG, &m, key->heap);
|
||||
#endif /* ECC_SHAMIR */
|
||||
|
||||
/* v = X_x1 mod n */
|
||||
@@ -2255,8 +2314,8 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
|
||||
*stat = 1;
|
||||
}
|
||||
|
||||
wc_ecc_del_point(mG);
|
||||
wc_ecc_del_point(mQ);
|
||||
wc_ecc_del_point_h(mG, key->heap);
|
||||
wc_ecc_del_point_h(mQ, key->heap);
|
||||
|
||||
mp_clear(&v);
|
||||
mp_clear(&w);
|
||||
@@ -2619,7 +2678,7 @@ static int ecc_check_privkey_gen(ecc_key* key, mp_int* prime)
|
||||
if (key == NULL)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
base = wc_ecc_new_point();
|
||||
base = wc_ecc_new_point_h(key->heap);
|
||||
if (base == NULL)
|
||||
return MEMORY_E;
|
||||
|
||||
@@ -2631,11 +2690,11 @@ static int ecc_check_privkey_gen(ecc_key* key, mp_int* prime)
|
||||
mp_set(base->z, 1);
|
||||
|
||||
if (err == MP_OKAY) {
|
||||
res = wc_ecc_new_point();
|
||||
res = wc_ecc_new_point_h(key->heap);
|
||||
if (res == NULL)
|
||||
err = MEMORY_E;
|
||||
else {
|
||||
err = wc_ecc_mulmod(&key->k, base, res, prime, 1);
|
||||
err = wc_ecc_mulmod_ex(&key->k, base, res, prime, 1, key->heap);
|
||||
if (err == MP_OKAY) {
|
||||
/* compare result to public key */
|
||||
if (mp_cmp(res->x, key->pubkey.x) != MP_EQ ||
|
||||
@@ -2648,8 +2707,8 @@ static int ecc_check_privkey_gen(ecc_key* key, mp_int* prime)
|
||||
}
|
||||
}
|
||||
|
||||
wc_ecc_del_point(res);
|
||||
wc_ecc_del_point(base);
|
||||
wc_ecc_del_point_h(res, key->heap);
|
||||
wc_ecc_del_point_h(base, key->heap);
|
||||
|
||||
return err;
|
||||
}
|
||||
@@ -2692,16 +2751,16 @@ static int ecc_check_pubkey_order(ecc_key* key, mp_int* prime, mp_int* order)
|
||||
if (key == NULL)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
inf = wc_ecc_new_point();
|
||||
inf = wc_ecc_new_point_h(key->heap);
|
||||
if (inf == NULL)
|
||||
err = MEMORY_E;
|
||||
else {
|
||||
err = wc_ecc_mulmod(order, &key->pubkey, inf, prime, 1);
|
||||
err = wc_ecc_mulmod_ex(order, &key->pubkey, inf, prime, 1, key->heap);
|
||||
if (err == MP_OKAY && !wc_ecc_point_is_at_infinity(inf))
|
||||
err = ECC_INF_E;
|
||||
}
|
||||
|
||||
wc_ecc_del_point(inf);
|
||||
wc_ecc_del_point_h(inf, key->heap);
|
||||
|
||||
return err;
|
||||
}
|
||||
@@ -4306,7 +4365,8 @@ static int accel_fp_mul2add(int idx1, int idx2,
|
||||
return ecc_map(R, modulus, mp);
|
||||
}
|
||||
|
||||
/** ECC Fixed Point mulmod global
|
||||
|
||||
/** ECC Fixed Point mulmod global with heap hint used
|
||||
Computes kA*A + kB*B = C using Shamir's Trick
|
||||
A First point to multiply
|
||||
kA What to multiple A by
|
||||
@@ -4318,7 +4378,7 @@ static int accel_fp_mul2add(int idx1, int idx2,
|
||||
*/
|
||||
int ecc_mul2add(ecc_point* A, mp_int* kA,
|
||||
ecc_point* B, mp_int* kB,
|
||||
ecc_point* C, mp_int* modulus)
|
||||
ecc_point* C, mp_int* modulus, void* heap)
|
||||
{
|
||||
int idx1 = -1, idx2 = -1, err = MP_OKAY, mpInit = 0;
|
||||
mp_digit mp;
|
||||
@@ -4416,7 +4476,7 @@ int ecc_mul2add(ecc_point* A, mp_int* kA,
|
||||
if (err == MP_OKAY)
|
||||
err = accel_fp_mul2add(idx1, idx2, kA, kB, C, modulus, &mp);
|
||||
} else {
|
||||
err = normal_ecc_mul2add(A, kA, B, kB, C, modulus);
|
||||
err = normal_ecc_mul2add(A, kA, B, kB, C, modulus, heap);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -4440,6 +4500,22 @@ int ecc_mul2add(ecc_point* A, mp_int* kA,
|
||||
*/
|
||||
int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
|
||||
int map)
|
||||
{
|
||||
return wc_ecc_mulmod_h(k, G, R, modulus, map, NULL);
|
||||
}
|
||||
|
||||
|
||||
/** ECC Fixed Point mulmod global
|
||||
k The multiplicand
|
||||
G Base point to multiply
|
||||
R [out] Destination of product
|
||||
modulus The modulus for the curve
|
||||
map [boolean] If non-zero maps the point back to affine co-ordinates,
|
||||
otherwise it's left in jacobian-montgomery form
|
||||
return MP_OKAY if successful
|
||||
*/
|
||||
int wc_ecc_mulmod_h(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
|
||||
int map, void* heap)
|
||||
{
|
||||
int idx, err = MP_OKAY;
|
||||
mp_digit mp;
|
||||
@@ -4503,7 +4579,7 @@ int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
|
||||
if (err == MP_OKAY)
|
||||
err = accel_fp_mul(idx, k, R, modulus, &mp, map);
|
||||
} else {
|
||||
err = normal_ecc_mulmod(k, G, R, modulus, map);
|
||||
err = normal_ecc_mulmod(k, G, R, modulus, map, heap);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -4589,6 +4665,7 @@ struct ecEncCtx {
|
||||
word32 kdfSaltSz; /* size of kdfSalt */
|
||||
word32 kdfInfoSz; /* size of kdfInfo */
|
||||
word32 macSaltSz; /* size of macSalt */
|
||||
void* heap; /* heap hint for memory used */
|
||||
byte clientSalt[EXCHANGE_SALT_SZ]; /* for msg exchange */
|
||||
byte serverSalt[EXCHANGE_SALT_SZ]; /* for msg exchange */
|
||||
byte encAlgo; /* which encryption type */
|
||||
@@ -4736,14 +4813,16 @@ int wc_ecc_ctx_reset(ecEncCtx* ctx, WC_RNG* rng)
|
||||
}
|
||||
|
||||
|
||||
/* alloc/init and set defaults, return new Context */
|
||||
ecEncCtx* wc_ecc_ctx_new(int flags, WC_RNG* rng)
|
||||
ecEncCtx* wc_ecc_ctx_new_h(int flags, WC_RNG* rng, void* heap)
|
||||
{
|
||||
int ret = 0;
|
||||
ecEncCtx* ctx = (ecEncCtx*)XMALLOC(sizeof(ecEncCtx), 0, DYNAMIC_TYPE_ECC);
|
||||
ecEncCtx* ctx = (ecEncCtx*)XMALLOC(sizeof(ecEncCtx), heap,
|
||||
DYNAMIC_TYPE_ECC);
|
||||
|
||||
if (ctx)
|
||||
if (ctx) {
|
||||
ctx->protocol = (byte)flags;
|
||||
ctx->heap = heap;
|
||||
}
|
||||
|
||||
ret = wc_ecc_ctx_reset(ctx, rng);
|
||||
if (ret != 0) {
|
||||
@@ -4755,6 +4834,13 @@ ecEncCtx* wc_ecc_ctx_new(int flags, WC_RNG* rng)
|
||||
}
|
||||
|
||||
|
||||
/* alloc/init and set defaults, return new Context */
|
||||
ecEncCtx* wc_ecc_ctx_new(int flags, WC_RNG* rng)
|
||||
{
|
||||
return wc_ecc_ctx_new_h(flags, rng, NULL);
|
||||
}
|
||||
|
||||
|
||||
/* free any resources, clear any keys */
|
||||
void wc_ecc_ctx_free(ecEncCtx* ctx)
|
||||
{
|
||||
|
||||
+23
-2
@@ -288,10 +288,31 @@ static INLINE int DoKey(HC128* ctx, const byte* key, const byte* iv)
|
||||
}
|
||||
|
||||
|
||||
int wc_Hc128_SetHeap(HC128* ctx, void* heap)
|
||||
{
|
||||
if (ctx == NULL) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
#ifdef XSTREAM_ALIGN
|
||||
ctx->heap = heap;
|
||||
#endif
|
||||
|
||||
(void)heap;
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* Key setup */
|
||||
int wc_Hc128_SetKey(HC128* ctx, const byte* key, const byte* iv)
|
||||
{
|
||||
#ifdef XSTREAM_ALIGN
|
||||
/* default heap to NULL or heap test value */
|
||||
#ifdef WOLFSSL_HEAP_TEST
|
||||
ctx->heap = (void*)WOLFSSL_HEAP_TEST;
|
||||
#else
|
||||
ctx->heap = NULL;
|
||||
#endif /* WOLFSSL_HEAP_TEST */
|
||||
|
||||
if ((wolfssl_word)key % 4) {
|
||||
int alignKey[4];
|
||||
|
||||
@@ -369,14 +390,14 @@ int wc_Hc128_Process(HC128* ctx, byte* output, const byte* input, word32 msglen)
|
||||
byte* tmp;
|
||||
WOLFSSL_MSG("Hc128Process unaligned");
|
||||
|
||||
tmp = (byte*)XMALLOC(msglen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
tmp = (byte*)XMALLOC(msglen, ctx->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (tmp == NULL) return MEMORY_E;
|
||||
|
||||
XMEMCPY(tmp, input, msglen);
|
||||
DoProcess(ctx, tmp, tmp, msglen);
|
||||
XMEMCPY(output, tmp, msglen);
|
||||
|
||||
XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(tmp, ctx->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
|
||||
return 0;
|
||||
#else
|
||||
|
||||
@@ -626,6 +626,13 @@ int wc_HmacInitCavium(Hmac* hmac, int devId)
|
||||
|
||||
hmac->innerHashKeyed = 0;
|
||||
|
||||
/* default to NULL heap hint or test value */
|
||||
#ifdef WOLFSSL_HEAP_TEST
|
||||
hmac->heap = (void)WOLFSSL_HEAP_TEST;
|
||||
#else
|
||||
hmac->heap = NULL;
|
||||
#endif
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
@@ -681,7 +688,7 @@ static int HmacCaviumUpdate(Hmac* hmac, const byte* msg, word32 length)
|
||||
return -1;
|
||||
}
|
||||
|
||||
tmp = XMALLOC(hmac->dataLen + add, NULL,DYNAMIC_TYPE_CAVIUM_TMP);
|
||||
tmp = XMALLOC(hmac->dataLen + add, hmac->heap ,DYNAMIC_TYPE_CAVIUM_TMP);
|
||||
if (tmp == NULL) {
|
||||
WOLFSSL_MSG("Out of memory for cavium update");
|
||||
return -1;
|
||||
@@ -691,7 +698,7 @@ static int HmacCaviumUpdate(Hmac* hmac, const byte* msg, word32 length)
|
||||
XMEMCPY(tmp + hmac->dataLen, msg, add);
|
||||
|
||||
hmac->dataLen += add;
|
||||
XFREE(hmac->data, NULL, DYNAMIC_TYPE_CAVIUM_TMP);
|
||||
XFREE(hmac->data, hmac->heap, DYNAMIC_TYPE_CAVIUM_TMP);
|
||||
hmac->data = tmp;
|
||||
|
||||
return 0;
|
||||
|
||||
+315
-357
@@ -74,6 +74,7 @@ int wolfSSL_SetAllocators(wolfSSL_Malloc_cb mf,
|
||||
return res;
|
||||
}
|
||||
|
||||
#ifndef WOLFSSL_STATIC_MEMORY
|
||||
#ifdef WOLFSSL_DEBUG_MEMORY
|
||||
void* wolfSSL_Malloc(size_t size, const char* func, unsigned int line)
|
||||
#else
|
||||
@@ -140,29 +141,19 @@ void* wolfSSL_Realloc(void *ptr, size_t size)
|
||||
|
||||
return res;
|
||||
}
|
||||
#endif /* WOLFSSL_STATIC_MEMORY */
|
||||
|
||||
#ifdef WOLFSSL_STATIC_MEMORY
|
||||
|
||||
typedef struct wc_Memory {
|
||||
word32 sz;
|
||||
byte* buffer;
|
||||
byte kill;
|
||||
struct wc_Memory* next;
|
||||
} wc_Memory;
|
||||
#if WC_STATIC_ALIGN < 10
|
||||
#if WOLFSSL_STATIC_ALIGN < 10
|
||||
#error Alignment is less than wc_Memory struct
|
||||
#endif
|
||||
|
||||
/* size of chunks of memory to seperate into */
|
||||
#define WC_MAX_BUCKETS 9
|
||||
static word32 bucket[] = { 64, 128, 256, 512, 1024, 2400, 3408, 4544, 16000 };
|
||||
static word32 bucketDist[] = { 8, 4, 4, 12, 4, 5, 2, 1, 1 };
|
||||
static wc_Memory* available[WC_MAX_BUCKETS];
|
||||
static word32 inUse = 0; /* amount of static memory in use by wolfSSL */
|
||||
static byte useStaticMemory = 1;
|
||||
static volatile byte createMutex = 1;
|
||||
static wolfSSL_Mutex memory_mutex;
|
||||
|
||||
|
||||
/* returns amount of memory used on success. On error returns negative value
|
||||
wc_Memory** list is the list that new buckets are prepended to
|
||||
@@ -174,21 +165,16 @@ static int create_memory_buckets(byte* buffer, word32 bufSz,
|
||||
int ret = 0;
|
||||
|
||||
/* if not enough space available for bucket size then do not try */
|
||||
if (buckSz + WC_STATIC_ALIGN > bufSz) {
|
||||
if (buckSz + WOLFSSL_STATIC_ALIGN > bufSz) {
|
||||
return ret;
|
||||
}
|
||||
|
||||
if (LockMutex(&memory_mutex) != 0) {
|
||||
return BAD_MUTEX_E;
|
||||
}
|
||||
|
||||
for (i = 0; i < buckNum; i++) {
|
||||
if ((buckSz + WC_STATIC_ALIGN) <= (bufSz - ret)) {
|
||||
if ((buckSz + WOLFSSL_STATIC_ALIGN) <= (bufSz - ret)) {
|
||||
/* create a new struct and set its values */
|
||||
wc_Memory* mem = (struct wc_Memory*)pt;
|
||||
mem->sz = buckSz;
|
||||
mem->buffer = (byte*)pt + WC_STATIC_ALIGN;
|
||||
mem->kill = 0;
|
||||
mem->buffer = (byte*)pt + WOLFSSL_STATIC_ALIGN;
|
||||
mem->next = NULL;
|
||||
|
||||
/* add the newly created struct to front of list */
|
||||
@@ -200,109 +186,27 @@ static int create_memory_buckets(byte* buffer, word32 bufSz,
|
||||
}
|
||||
|
||||
/* advance pointer and keep track of memory used */
|
||||
ret += buckSz + WC_STATIC_ALIGN;
|
||||
pt += WC_STATIC_ALIGN + buckSz;
|
||||
ret += buckSz + WOLFSSL_STATIC_ALIGN;
|
||||
pt += WOLFSSL_STATIC_ALIGN + buckSz;
|
||||
}
|
||||
else {
|
||||
break; /* not enough space left for more buckets of this size */
|
||||
}
|
||||
}
|
||||
|
||||
UnLockMutex(&memory_mutex);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
|
||||
/* Starts at left most address and free until either used memory is encounterd
|
||||
or end of buffer is.
|
||||
Returns amount of buffer freed on success and a negative value on fail.
|
||||
*/
|
||||
int wolfSSL_unload_static_memory(byte* buffer, word32 sz, word32* amt)
|
||||
{
|
||||
wc_Memory* cur = NULL;
|
||||
wc_Memory* fre = NULL;
|
||||
wc_Memory* prv = NULL;
|
||||
int i;
|
||||
word32 idx = 0;
|
||||
|
||||
WOLFSSL_ENTER("wolfSSL_unload_static_memory");
|
||||
|
||||
if (buffer == NULL || sz == 0 || amt == NULL) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
if (LockMutex(&memory_mutex) != 0) {
|
||||
return BAD_MUTEX_E;
|
||||
}
|
||||
|
||||
/* too small of memory to be placed as a bucket */
|
||||
if (sz < bucket[0] + WC_STATIC_ALIGN) {
|
||||
*amt = sz;
|
||||
return 1;
|
||||
}
|
||||
|
||||
/* advance past alignment padding */
|
||||
while ((word64)(buffer + idx) % WC_STATIC_ALIGN && idx < sz) { idx++; }
|
||||
|
||||
/* buffer should be already divided up into wc_Memory structs */
|
||||
while (idx < (sz - bucket[0] - WC_STATIC_ALIGN)) {
|
||||
cur = (struct wc_Memory*)(buffer + idx);
|
||||
prv = NULL;
|
||||
|
||||
for (i = 0; i < WC_MAX_BUCKETS; i++) {
|
||||
if (bucket[i] >= cur->sz) break;
|
||||
}
|
||||
fre = available[i];
|
||||
|
||||
/* find the matching address of the memory in available stack */
|
||||
while (fre != NULL && (cur != fre)) {
|
||||
prv = fre;
|
||||
fre = fre->next;
|
||||
}
|
||||
|
||||
if (fre == NULL) {
|
||||
WOLFSSL_MSG("Could not find static memory address to free");
|
||||
break;
|
||||
}
|
||||
|
||||
/* fix linked list to jump over the link to free */
|
||||
if (prv) {
|
||||
prv->next = fre->next;
|
||||
}
|
||||
|
||||
/* case if memory is head of stack */
|
||||
if (available[i] == fre) {
|
||||
available[i] = fre->next;
|
||||
}
|
||||
|
||||
idx += WC_STATIC_ALIGN + fre->sz;
|
||||
fre = NULL;
|
||||
}
|
||||
|
||||
UnLockMutex(&memory_mutex);
|
||||
|
||||
/* account for some left over memory that could not be used for a bucket */
|
||||
if (idx > (sz - (bucket[0] + WC_STATIC_ALIGN))) {
|
||||
*amt = sz; /* all posssible was freed */
|
||||
return 1;
|
||||
}
|
||||
else {
|
||||
*amt = idx;
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
int wolfSSL_load_static_memory(byte* buffer, word32 sz)
|
||||
int wolfSSL_load_static_memory(byte* buffer, word32 sz, int flag,
|
||||
WOLFSSL_HEAP* heap)
|
||||
{
|
||||
word32 ava = sz;
|
||||
byte* pt = buffer;
|
||||
int ret = 0;
|
||||
|
||||
#ifdef WOLFSSL_TRACK_MEMORY_FULL
|
||||
word32 created_buckets[WC_MAX_BUCKETS];
|
||||
word32 created_buckets[WOLFMEM_MAX_BUCKETS];
|
||||
int j;
|
||||
XMEMSET(created_buckets, 0, sizeof(created_buckets));
|
||||
#endif
|
||||
@@ -313,185 +217,239 @@ int wolfSSL_load_static_memory(byte* buffer, word32 sz)
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
#ifdef WOLFSSL_TRACK_MEMORY_FULL
|
||||
printf("\t%u bytes passed in\n", sz);
|
||||
printf("\tAddress %p - %p\n", buffer, buffer + sz);
|
||||
#endif
|
||||
|
||||
/* align pt */
|
||||
while ((word64)pt % WC_STATIC_ALIGN && pt < (buffer + sz)) {
|
||||
while ((word64)pt % WOLFSSL_STATIC_ALIGN && pt < (buffer + sz)) {
|
||||
*pt = 0x00;
|
||||
pt++;
|
||||
}
|
||||
|
||||
if (createMutex) {
|
||||
if (InitMutex(&memory_mutex) != 0) {
|
||||
WOLFSSL_MSG("Bad mutex init");
|
||||
return BAD_MUTEX_E;
|
||||
}
|
||||
createMutex = 0;
|
||||
if (InitMutex(&(heap->memory_mutex)) != 0) {
|
||||
WOLFSSL_MSG("Bad mutex init");
|
||||
return BAD_MUTEX_E;
|
||||
}
|
||||
|
||||
/* devide into chunks of memory and add them to available list */
|
||||
while (ava >= (bucket[0] + WC_STATIC_ALIGN)) {
|
||||
while (ava >= (heap->sizeList[0] + WOLFSSL_STATIC_ALIGN)) {
|
||||
int i;
|
||||
/* start at largest and move to smaller buckets */
|
||||
for (i = (WC_MAX_BUCKETS - 1); i >= 0; i--) {
|
||||
if ((bucket[i] + WC_STATIC_ALIGN) <= ava) {
|
||||
if ((ret = create_memory_buckets(pt, ava,
|
||||
bucket[i], bucketDist[i], &available[i])) < 0) {
|
||||
WOLFSSL_LEAVE("wolfSSL_load_static_memory", ret);
|
||||
return ret;
|
||||
}
|
||||
#ifdef WOLFSSL_TRACK_MEMORY_FULL
|
||||
/* if defined keep track of buckets created for printing stats*/
|
||||
for (j = 0; (j + bucket[i] + WC_STATIC_ALIGN) <=(word32)ret;
|
||||
j += bucket[i] + WC_STATIC_ALIGN) {
|
||||
created_buckets[i]++;
|
||||
}
|
||||
#endif
|
||||
/* creating only IO buffers from memory passed in, max TLS is 16k */
|
||||
if (flag & WOLFMEM_IO_POOL || flag & WOLFMEM_IO_POOL_FIXED) {
|
||||
if ((ret = create_memory_buckets(pt, ava,
|
||||
WOLFMEM_IO_SZ, 1, &(heap->io))) < 0) {
|
||||
WOLFSSL_LEAVE("wolfSSL_load_static_memory", ret);
|
||||
return ret;
|
||||
}
|
||||
|
||||
/* advance pointer in buffer for next buckets and keep track
|
||||
of how much memory is left available */
|
||||
pt += ret;
|
||||
ava -= ret;
|
||||
/* check if no more room left for creating IO buffers */
|
||||
if (ret == 0) {
|
||||
break;
|
||||
}
|
||||
|
||||
/* advance pointer in buffer for next buckets and keep track
|
||||
of how much memory is left available */
|
||||
pt += ret;
|
||||
ava -= ret;
|
||||
}
|
||||
else {
|
||||
/* start at largest and move to smaller buckets */
|
||||
for (i = (WOLFMEM_MAX_BUCKETS - 1); i >= 0; i--) {
|
||||
if ((heap->sizeList[i] + WOLFSSL_STATIC_ALIGN) <= ava) {
|
||||
if ((ret = create_memory_buckets(pt, ava, heap->sizeList[i],
|
||||
heap->distList[i], &(heap->ava[i]))) < 0) {
|
||||
WOLFSSL_LEAVE("wolfSSL_load_static_memory", ret);
|
||||
return ret;
|
||||
}
|
||||
#ifdef WOLFSSL_TRACK_MEMORY_FULL
|
||||
/* if defined keep track of buckets created for stats*/
|
||||
for (j = 0; (j + heap->sizeList[i] +
|
||||
WOLFSSL_STATIC_ALIGN) <= (word32)ret; j +=
|
||||
heap->sizeList[i] + WOLFSSL_STATIC_ALIGN) {
|
||||
created_buckets[i]++;
|
||||
}
|
||||
#endif
|
||||
|
||||
/* advance pointer in buffer for next buckets and keep track
|
||||
of how much memory is left available */
|
||||
pt += ret;
|
||||
ava -= ret;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
#ifdef WOLFSSL_TRACK_MEMORY_FULL
|
||||
/* if defined print out stats of number of buckets created */
|
||||
printf("Created Memory Buckets :\n");
|
||||
for (j = 0; j < WC_MAX_BUCKETS; j++) {
|
||||
printf("Created %d\tof bucket size %d\n", created_buckets[j],
|
||||
bucket[j]);
|
||||
}
|
||||
#endif
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
||||
int wolfSSL_use_static_memory(byte flag)
|
||||
int FreeFixedIO(WOLFSSL_HEAP* heap, wc_Memory** io)
|
||||
{
|
||||
WOLFSSL_MSG("Freeing fixed IO buffer");
|
||||
|
||||
WOLFSSL_ENTER("wolfSSL_use_static_memory");
|
||||
/* check if fixed buffer was set */
|
||||
if (*io == NULL) {
|
||||
return 1;
|
||||
}
|
||||
|
||||
useStaticMemory = flag;
|
||||
if (heap == NULL) {
|
||||
WOLFSSL_MSG("No heap to return fixed IO too");
|
||||
}
|
||||
|
||||
return 0;
|
||||
/* put IO buffer back into IO pool */
|
||||
(*io)->next = heap->io;
|
||||
heap->io = *io;
|
||||
*io = NULL;
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
||||
word32 wolfSSL_static_memory_inUse()
|
||||
int SetFixedIO(WOLFSSL_HEAP* heap, wc_Memory** io)
|
||||
{
|
||||
WOLFSSL_MSG("Setting fixed IO for SSL");
|
||||
if (heap == NULL) {
|
||||
return MEMORY_E;
|
||||
}
|
||||
|
||||
WOLFSSL_ENTER("wolfSSL_static_memory_inUse");
|
||||
*io = heap->io;
|
||||
|
||||
return inUse;
|
||||
if (*io != NULL) {
|
||||
heap->io = (*io)->next;
|
||||
(*io)->next = NULL;
|
||||
}
|
||||
else { /* failed to grab an IO buffer */
|
||||
return 0;
|
||||
}
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
||||
void* wolfSSL_Malloc_Static(size_t size)
|
||||
int wolfSSL_GetMemStats(WOLFSSL_HEAP* heap, WOLFSSL_MEM_STATS* stats)
|
||||
{
|
||||
word32 i;
|
||||
wc_Memory* pt;
|
||||
|
||||
XMEMSET(stats, 0, sizeof(WOLFSSL_MEM_STATS));
|
||||
|
||||
stats->totalAlloc = heap->alloc;
|
||||
stats->totalFr = heap->frAlc;
|
||||
stats->curAlloc = stats->totalAlloc - stats->totalFr;
|
||||
stats->maxHa = heap->maxHa;
|
||||
stats->maxIO = heap->maxIO;
|
||||
for (i = 0; i < WOLFMEM_MAX_BUCKETS; i++) {
|
||||
stats->blockSz[i] = heap->sizeList[i];
|
||||
for (pt = heap->ava[i]; pt != NULL; pt = pt->next) {
|
||||
stats->avaBlock[i] += 1;
|
||||
}
|
||||
}
|
||||
|
||||
for (pt = heap->io; pt != NULL; pt = pt->next) {
|
||||
stats->avaIO++;
|
||||
}
|
||||
|
||||
stats->flag = heap->flag; /* flag used */
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
||||
void* wolfSSL_Malloc(size_t size, void* heap, int type)
|
||||
{
|
||||
void* res = 0;
|
||||
wc_Memory* pt = NULL;
|
||||
int i;
|
||||
|
||||
if (useStaticMemory == 0) {
|
||||
pt = malloc(size + WC_STATIC_ALIGN);
|
||||
pt->buffer = (byte*)pt + WC_STATIC_ALIGN;
|
||||
pt->sz = (word32)size;
|
||||
pt->kill = 1;
|
||||
pt->next = NULL;
|
||||
res = pt->buffer;
|
||||
/* check for testing heap hint was set */
|
||||
#ifdef WOLFSSL_HEAP_TEST
|
||||
if (heap == (void*)WOLFSSL_HEAP_TEST) {
|
||||
return malloc(size);
|
||||
}
|
||||
#endif
|
||||
|
||||
/* if no heap hint then use dynamic memory*/
|
||||
if (heap == NULL) {
|
||||
#ifdef WOLFSSL_HEAP_TEST
|
||||
/* allow using malloc for creating ctx and method */
|
||||
if (type == DYNAMIC_TYPE_CTX || type == DYNAMIC_TYPE_METHOD ||
|
||||
type == DYNAMIC_TYPE_CERT_MANAGER) {
|
||||
WOLFSSL_MSG("ERROR allowing null heap hint for ctx/method\n");
|
||||
res = malloc(size);
|
||||
}
|
||||
else {
|
||||
WOLFSSL_MSG("ERROR null heap hint passed into XMALLOC\n");
|
||||
res = NULL;
|
||||
}
|
||||
#else
|
||||
res = malloc(size);
|
||||
#endif
|
||||
}
|
||||
else {
|
||||
WOLFSSL_HEAP_HINT* hint = (WOLFSSL_HEAP_HINT*)heap;
|
||||
WOLFSSL_HEAP* mem = hint->memory;
|
||||
|
||||
if (LockMutex(&memory_mutex) != 0) {
|
||||
if (LockMutex(&(mem->memory_mutex)) != 0) {
|
||||
WOLFSSL_MSG("Bad memory_mutex lock");
|
||||
return NULL;
|
||||
}
|
||||
|
||||
for (i = 0; i < WC_MAX_BUCKETS; i++) {
|
||||
if ((word32)size < bucket[i]) {
|
||||
if (available[i] != NULL) {
|
||||
pt = available[i];
|
||||
available[i] = pt->next;
|
||||
res = pt->buffer;
|
||||
inUse += pt->sz + WC_STATIC_ALIGN;
|
||||
#ifdef WOLFSSL_TRACK_MEMORY_FULL
|
||||
printf("used bucket at address %p size of %d for size"
|
||||
" req %d\n", res, bucket[i], (word32)size);
|
||||
#endif
|
||||
break;
|
||||
}
|
||||
/* case of using fixed IO buffers */
|
||||
if (mem->flag & WOLFMEM_IO_POOL_FIXED) {
|
||||
if (type == DYNAMIC_TYPE_OUT_BUFFER) {
|
||||
pt = hint->outBuf;
|
||||
}
|
||||
if (type == DYNAMIC_TYPE_IN_BUFFER) {
|
||||
pt = hint->inBuf;
|
||||
}
|
||||
}
|
||||
|
||||
UnLockMutex(&memory_mutex);
|
||||
/* check if using IO pool flag */
|
||||
if (mem->flag & WOLFMEM_IO_POOL && pt == NULL &&
|
||||
(type == DYNAMIC_TYPE_OUT_BUFFER ||
|
||||
type == DYNAMIC_TYPE_IN_BUFFER)) {
|
||||
if (mem->io != NULL) {
|
||||
pt = mem->io;
|
||||
mem->io = pt->next;
|
||||
}
|
||||
}
|
||||
|
||||
/* case when no memory size is available */
|
||||
/* general static memory */
|
||||
if (pt == NULL) {
|
||||
|
||||
#ifdef WOLFSSL_TRACK_MEMORY_FULL
|
||||
{
|
||||
int k, j;
|
||||
printf("\tRequested size %lu\n\tAvailable memory "
|
||||
"buckets\n", size);
|
||||
for (k = 0; k < WC_MAX_BUCKETS; k++) {
|
||||
pt = available[k];
|
||||
j = 0;
|
||||
while (pt) {
|
||||
j++;
|
||||
pt = pt->next;
|
||||
}
|
||||
printf("\t%d of bucket %d\n", j, bucket[k]);
|
||||
for (i = 0; i < WOLFMEM_MAX_BUCKETS; i++) {
|
||||
if ((word32)size < mem->sizeList[i]) {
|
||||
if (mem->ava[i] != NULL) {
|
||||
pt = mem->ava[i];
|
||||
mem->ava[i] = pt->next;
|
||||
break;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
/* check if too large and never going to get memory needed */
|
||||
if ((word32)size > bucket[WC_MAX_BUCKETS-1]) {
|
||||
WOLFSSL_MSG("Size of malloc is too large");
|
||||
return NULL;
|
||||
}
|
||||
|
||||
/* wait then try again if set to */
|
||||
if (WOLFSSL_STATIC_TIMEOUT > 0) {
|
||||
WOLFSSL_MSG("Waiting for available memory bucket");
|
||||
XSLEEP(WOLFSSL_STATIC_TIMEOUT);
|
||||
|
||||
|
||||
if (LockMutex(&memory_mutex) != 0) {
|
||||
WOLFSSL_MSG("Bad memory_mutex lock");
|
||||
return NULL;
|
||||
}
|
||||
|
||||
for (i = 0; i < WC_MAX_BUCKETS; i++) {
|
||||
if ((word32)size < bucket[i]) {
|
||||
if (available[i] != NULL) {
|
||||
pt = available[i];
|
||||
available[i] = pt->next;
|
||||
res = pt->buffer;
|
||||
inUse += pt->sz + WC_STATIC_ALIGN;
|
||||
#ifdef WOLFSSL_TRACK_MEMORY_FULL
|
||||
printf("used bucket at address %p size of %d"
|
||||
" for size req %d\n", res, bucket[i],
|
||||
(word32)size);
|
||||
#endif
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
UnLockMutex(&memory_mutex);
|
||||
}
|
||||
|
||||
if (pt == NULL) {
|
||||
WOLFSSL_MSG("No available memory bucket");
|
||||
}
|
||||
}
|
||||
|
||||
if (pt != NULL) {
|
||||
mem->inUse += pt->sz + WOLFSSL_STATIC_ALIGN;
|
||||
mem->alloc += 1;
|
||||
res = pt->buffer;
|
||||
|
||||
/* keep track of connection statistics if flag is set */
|
||||
if (mem->flag & WOLFMEM_TRACK_STATS) {
|
||||
WOLFSSL_MEM_CONN_STATS* stats = hint->stats;
|
||||
if (stats != NULL) {
|
||||
stats->curMem += pt->sz + WOLFSSL_STATIC_ALIGN;
|
||||
if (stats->peakMem < stats->curMem) {
|
||||
stats->peakMem = stats->curMem;
|
||||
}
|
||||
stats->curAlloc++;
|
||||
if (stats->peakAlloc < stats->curAlloc) {
|
||||
stats->peakAlloc = stats->curAlloc;
|
||||
}
|
||||
stats->totalAlloc++;
|
||||
}
|
||||
}
|
||||
}
|
||||
else {
|
||||
WOLFSSL_MSG("ERROR ran out of static memory");
|
||||
}
|
||||
|
||||
UnLockMutex(&(mem->memory_mutex));
|
||||
}
|
||||
|
||||
#ifdef WOLFSSL_MALLOC_CHECK
|
||||
@@ -501,179 +459,179 @@ void* wolfSSL_Malloc_Static(size_t size)
|
||||
|
||||
(void)i;
|
||||
(void)pt;
|
||||
(void)type;
|
||||
|
||||
return res;
|
||||
}
|
||||
|
||||
void wolfSSL_Free_Static(void *ptr)
|
||||
|
||||
void wolfSSL_Free(void *ptr, void* heap, int type)
|
||||
{
|
||||
int i;
|
||||
wc_Memory* pt;
|
||||
|
||||
if (ptr) {
|
||||
/* get memory struct and add it to available list */
|
||||
pt = (wc_Memory*)((byte*)ptr - WC_STATIC_ALIGN);
|
||||
/* check for testing heap hint was set */
|
||||
#ifdef WOLFSSL_HEAP_TEST
|
||||
if (heap == (void*)WOLFSSL_HEAP_TEST) {
|
||||
return free(ptr);
|
||||
}
|
||||
#endif
|
||||
|
||||
if (pt->kill) {
|
||||
free(pt);
|
||||
if (heap == NULL) {
|
||||
#ifdef WOLFSSL_HEAP_TEST
|
||||
/* allow using malloc for creating ctx and method */
|
||||
if (type == DYNAMIC_TYPE_CTX || type == DYNAMIC_TYPE_METHOD ||
|
||||
type == DYNAMIC_TYPE_CERT_MANAGER) {
|
||||
WOLFSSL_MSG("ERROR allowing null heap hint for ctx/method\n");
|
||||
}
|
||||
else {
|
||||
WOLFSSL_MSG("ERROR null heap hint passed into XFREE\n");
|
||||
}
|
||||
#endif
|
||||
free(ptr);
|
||||
}
|
||||
else {
|
||||
LockMutex(&memory_mutex);
|
||||
WOLFSSL_HEAP_HINT* hint = (WOLFSSL_HEAP_HINT*)heap;
|
||||
WOLFSSL_HEAP* mem = hint->memory;
|
||||
|
||||
for (i = 0; i < WC_MAX_BUCKETS; i++) {
|
||||
if (pt->sz == bucket[i]) {
|
||||
inUse -= WC_STATIC_ALIGN + pt->sz;
|
||||
pt->next = available[i];
|
||||
available[i] = pt;
|
||||
#ifdef WOLFSSL_TRACK_MEMORY_FULL
|
||||
printf("\tfreed %p bucket size of %d\n"
|
||||
,pt, bucket[i]);
|
||||
#endif
|
||||
break;
|
||||
/* get memory struct and add it to available list */
|
||||
pt = (wc_Memory*)((byte*)ptr - WOLFSSL_STATIC_ALIGN);
|
||||
LockMutex(&(mem->memory_mutex));
|
||||
|
||||
|
||||
/* case of using fixed IO buffers */
|
||||
if (mem->flag & WOLFMEM_IO_POOL_FIXED &&
|
||||
(type == DYNAMIC_TYPE_OUT_BUFFER ||
|
||||
type == DYNAMIC_TYPE_IN_BUFFER)) {
|
||||
/* fixed IO pools are free'd at the end of SSL lifetime
|
||||
using FreeFixedIO(WOLFSSL_HEAP* heap, wc_Memory** io) */
|
||||
}
|
||||
else if (mem->flag & WOLFMEM_IO_POOL &&
|
||||
(type == DYNAMIC_TYPE_OUT_BUFFER ||
|
||||
type == DYNAMIC_TYPE_IN_BUFFER)) {
|
||||
pt->next = mem->io;
|
||||
mem->io = pt;
|
||||
}
|
||||
else { /* general memory free */
|
||||
for (i = 0; i < WOLFMEM_MAX_BUCKETS; i++) {
|
||||
if (pt->sz == mem->sizeList[i]) {
|
||||
pt->next = mem->ava[i];
|
||||
mem->ava[i] = pt;
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
UnLockMutex(&memory_mutex);
|
||||
mem->inUse -= WOLFSSL_STATIC_ALIGN + pt->sz;
|
||||
mem->frAlc += 1;
|
||||
|
||||
/* keep track of connection statistics if flag is set */
|
||||
if (mem->flag & WOLFMEM_TRACK_STATS) {
|
||||
WOLFSSL_MEM_CONN_STATS* stats = hint->stats;
|
||||
if (stats != NULL) {
|
||||
/* avoid under flow */
|
||||
if (stats->curMem > pt->sz + WOLFSSL_STATIC_ALIGN) {
|
||||
stats->curMem -= pt->sz + WOLFSSL_STATIC_ALIGN;
|
||||
}
|
||||
else {
|
||||
stats->curMem = 0;
|
||||
}
|
||||
|
||||
if (stats->curAlloc > 0) {
|
||||
stats->curAlloc--;
|
||||
}
|
||||
stats->totalFr++;
|
||||
}
|
||||
}
|
||||
UnLockMutex(&(mem->memory_mutex));
|
||||
}
|
||||
}
|
||||
|
||||
(void)i;
|
||||
(void)pt;
|
||||
(void)type;
|
||||
}
|
||||
|
||||
|
||||
void* wolfSSL_Realloc_Static(void *ptr, size_t size)
|
||||
void* wolfSSL_Realloc(void *ptr, size_t size, void* heap, int type)
|
||||
{
|
||||
void* res = 0;
|
||||
wc_Memory* pt = NULL;
|
||||
int i;
|
||||
word32 prvSz;
|
||||
int i;
|
||||
|
||||
if (useStaticMemory == 0) {
|
||||
pt = realloc(ptr, size + WC_STATIC_ALIGN);
|
||||
pt->buffer = (byte*)pt + WC_STATIC_ALIGN;
|
||||
pt->sz = (word32)size;
|
||||
pt->kill = 1;
|
||||
pt->next = NULL;
|
||||
res = pt->buffer;
|
||||
/* check for testing heap hint was set */
|
||||
#ifdef WOLFSSL_HEAP_TEST
|
||||
if (heap == (void*)WOLFSSL_HEAP_TEST) {
|
||||
return realloc(ptr, size);
|
||||
}
|
||||
#endif
|
||||
|
||||
if (heap == NULL) {
|
||||
#ifdef WOLFSSL_HEAP_TEST
|
||||
WOLFSSL_MSG("ERROR null heap hint passed in to XREALLOC\n");
|
||||
#endif
|
||||
res = realloc(ptr, size);
|
||||
}
|
||||
else {
|
||||
WOLFSSL_HEAP_HINT* hint = (WOLFSSL_HEAP_HINT*)heap;
|
||||
WOLFSSL_HEAP* mem = hint->memory;
|
||||
|
||||
if (LockMutex(&memory_mutex) != 0) {
|
||||
if (LockMutex(&(mem->memory_mutex)) != 0) {
|
||||
WOLFSSL_MSG("Bad memory_mutex lock");
|
||||
return NULL;
|
||||
}
|
||||
|
||||
for (i = 0; i < WC_MAX_BUCKETS; i++) {
|
||||
if ((word32)size < bucket[i]) {
|
||||
if (available[i] != NULL) {
|
||||
word32 prvSz;
|
||||
|
||||
pt = available[i];
|
||||
available[i] = pt->next;
|
||||
res = pt->buffer;
|
||||
|
||||
/* copy over original information and free ptr */
|
||||
prvSz = ((wc_Memory*)((byte*)ptr -WC_STATIC_ALIGN))->sz;
|
||||
prvSz = (prvSz > bucket[i])? bucket[i]: prvSz;
|
||||
XMEMCPY(pt->buffer, ptr, prvSz);
|
||||
|
||||
/* free memory that was previously being used */
|
||||
UnLockMutex(&memory_mutex);
|
||||
wolfSSL_Free_Static(ptr);
|
||||
if (LockMutex(&memory_mutex) != 0) {
|
||||
WOLFSSL_MSG("Bad memory_mutex lock");
|
||||
return NULL;
|
||||
}
|
||||
|
||||
inUse += pt->sz + WC_STATIC_ALIGN;
|
||||
#ifdef WOLFSSL_TRACK_MEMORY_FULL
|
||||
printf("realloc used a bucket of %d for size req %d\n",
|
||||
bucket[i], (word32)size);
|
||||
#endif
|
||||
break;
|
||||
}
|
||||
/* case of using fixed IO buffers or IO pool */
|
||||
if (((mem->flag & WOLFMEM_IO_POOL)||(mem->flag & WOLFMEM_IO_POOL_FIXED))
|
||||
&& (type == DYNAMIC_TYPE_OUT_BUFFER ||
|
||||
type == DYNAMIC_TYPE_IN_BUFFER)) {
|
||||
/* no realloc, is fixed size */
|
||||
pt = (wc_Memory*)ptr;
|
||||
if (pt->sz < size) {
|
||||
WOLFSSL_MSG("Error IO memory was not large enough");
|
||||
res = NULL; /* return NULL in error case */
|
||||
}
|
||||
res = pt->buffer;
|
||||
}
|
||||
|
||||
UnLockMutex(&memory_mutex);
|
||||
|
||||
/* case when no memory size is available */
|
||||
if (pt == NULL) {
|
||||
|
||||
#ifdef WOLFSSL_TRACK_MEMORY_FULL
|
||||
{
|
||||
int k, j;
|
||||
printf("\tRequested size %lu\n\tAvailable memory "
|
||||
"buckets\n", size);
|
||||
for (k = 0; k < WC_MAX_BUCKETS; k++) {
|
||||
pt = available[k];
|
||||
j = 0;
|
||||
while (pt) {
|
||||
j++;
|
||||
pt = pt->next;
|
||||
}
|
||||
printf("\t%d of bucket %d\n", j, bucket[k]);
|
||||
else {
|
||||
/* general memory */
|
||||
for (i = 0; i < WOLFMEM_MAX_BUCKETS; i++) {
|
||||
if ((word32)size < mem->sizeList[i]) {
|
||||
if (mem->ava[i] != NULL) {
|
||||
pt = mem->ava[i];
|
||||
mem->ava[i] = pt->next;
|
||||
break;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
/* check if too large and never going to get memory needed */
|
||||
if ((word32)size > bucket[WC_MAX_BUCKETS-1]) {
|
||||
WOLFSSL_MSG("Size of malloc is too large");
|
||||
return NULL;
|
||||
}
|
||||
|
||||
if (WOLFSSL_STATIC_TIMEOUT > 0) {
|
||||
WOLFSSL_MSG("Waiting for available memory bucket");
|
||||
XSLEEP(WOLFSSL_STATIC_TIMEOUT);
|
||||
if (pt != NULL && res == NULL) {
|
||||
res = pt->buffer;
|
||||
|
||||
if (LockMutex(&memory_mutex) != 0) {
|
||||
/* copy over original information and free ptr */
|
||||
prvSz = ((wc_Memory*)((byte*)ptr -
|
||||
WOLFSSL_STATIC_ALIGN))->sz;
|
||||
prvSz = (prvSz > pt->sz)? pt->sz: prvSz;
|
||||
XMEMCPY(pt->buffer, ptr, prvSz);
|
||||
mem->inUse += pt->sz + WOLFSSL_STATIC_ALIGN;
|
||||
mem->alloc += 1;
|
||||
|
||||
/* free memory that was previously being used */
|
||||
UnLockMutex(&(mem->memory_mutex));
|
||||
wolfSSL_Free(ptr, heap, type);
|
||||
if (LockMutex(&(mem->memory_mutex)) != 0) {
|
||||
WOLFSSL_MSG("Bad memory_mutex lock");
|
||||
return NULL;
|
||||
}
|
||||
|
||||
for (i = 0; i < WC_MAX_BUCKETS; i++) {
|
||||
if ((word32)size < bucket[i]) {
|
||||
if (available[i] != NULL) {
|
||||
word32 prvSz;
|
||||
|
||||
pt = available[i];
|
||||
available[i] = pt->next;
|
||||
res = pt->buffer;
|
||||
|
||||
/* copy over original information and free ptr*/
|
||||
prvSz = ((wc_Memory*)((byte*)ptr -
|
||||
WC_STATIC_ALIGN))->sz;
|
||||
prvSz = (prvSz > bucket[i])? bucket[i]: prvSz;
|
||||
XMEMCPY(pt->buffer, ptr, prvSz);
|
||||
|
||||
/* free memory that was previously being used */
|
||||
UnLockMutex(&memory_mutex);
|
||||
wolfSSL_Free_Static(ptr);
|
||||
if (LockMutex(&memory_mutex) != 0) {
|
||||
WOLFSSL_MSG("Bad memory_mutex lock");
|
||||
return NULL;
|
||||
}
|
||||
|
||||
inUse += pt->sz + WC_STATIC_ALIGN;
|
||||
#ifdef WOLFSSL_TRACK_MEMORY_FULL
|
||||
printf("realloc used a bucket of %d for size"
|
||||
" req %d\n", bucket[i], (word32)size);
|
||||
#endif
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
UnLockMutex(&memory_mutex);
|
||||
}
|
||||
|
||||
if (pt == NULL) {
|
||||
WOLFSSL_MSG("No available memory bucket");
|
||||
}
|
||||
}
|
||||
UnLockMutex(&(mem->memory_mutex));
|
||||
}
|
||||
|
||||
(void)i;
|
||||
(void)pt;
|
||||
(void)type;
|
||||
|
||||
return res;
|
||||
}
|
||||
|
||||
+60
-39
@@ -139,13 +139,32 @@ int wc_GetContentType(const byte* input, word32* inOutIdx, word32* oid,
|
||||
}
|
||||
|
||||
|
||||
int wc_PKCS7_SetHeap(PKCS7* pkcs7, void* heap)
|
||||
{
|
||||
if (pkcs7 == NULL) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
pkcs7->heap = heap;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
/* init PKCS7 struct with recipient cert, decode into DecodedCert */
|
||||
int wc_PKCS7_InitWithCert(PKCS7* pkcs7, byte* cert, word32 certSz)
|
||||
{
|
||||
int ret = 0;
|
||||
|
||||
XMEMSET(pkcs7, 0, sizeof(PKCS7));
|
||||
if (cert != NULL && certSz > 0) {
|
||||
|
||||
/* default heap hint is null or test value */
|
||||
#ifdef WOLFSSL_HEAP_TEST
|
||||
pkcs7->heap = (void*)WOLFSSL_HEAP_TEST;
|
||||
#else
|
||||
pkcs7->heap = NULL;
|
||||
#endif
|
||||
|
||||
if (cert != NULL && certSz > 0) {
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
DecodedCert* dCert;
|
||||
|
||||
@@ -160,7 +179,7 @@ int wc_PKCS7_InitWithCert(PKCS7* pkcs7, byte* cert, word32 certSz)
|
||||
|
||||
pkcs7->singleCert = cert;
|
||||
pkcs7->singleCertSz = certSz;
|
||||
InitDecodedCert(dCert, cert, certSz, 0);
|
||||
InitDecodedCert(dCert, cert, certSz, pkcs7->heap);
|
||||
|
||||
ret = ParseCert(dCert, CA_TYPE, NO_VERIFY, 0);
|
||||
if (ret < 0) {
|
||||
@@ -435,12 +454,13 @@ int wc_PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz)
|
||||
esd->signedAttribsSz += EncodeAttributes(&esd->signedAttribs[2], 4,
|
||||
pkcs7->signedAttribs, pkcs7->signedAttribsSz);
|
||||
|
||||
flatSignedAttribs = (byte*)XMALLOC(esd->signedAttribsSz, 0, NULL);
|
||||
flatSignedAttribs = (byte*)XMALLOC(esd->signedAttribsSz, pkcs7->heap,
|
||||
DYNAMIC_TYPE_PKCS);
|
||||
flatSignedAttribsSz = esd->signedAttribsSz;
|
||||
if (flatSignedAttribs == NULL) {
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
XFREE(esd, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#endif
|
||||
#endif
|
||||
return MEMORY_E;
|
||||
}
|
||||
FlattenAttributes(flatSignedAttribs,
|
||||
@@ -475,7 +495,7 @@ int wc_PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz)
|
||||
|
||||
ret = wc_InitSha(&esd->sha);
|
||||
if (ret < 0) {
|
||||
XFREE(flatSignedAttribs, 0, NULL);
|
||||
XFREE(flatSignedAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS);
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
XFREE(esd, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#endif
|
||||
@@ -526,13 +546,13 @@ int wc_PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz)
|
||||
}
|
||||
#endif
|
||||
|
||||
result = wc_InitRsaKey(privKey, NULL);
|
||||
result = wc_InitRsaKey(privKey, pkcs7->heap);
|
||||
if (result == 0)
|
||||
result = wc_RsaPrivateKeyDecode(pkcs7->privateKey, &scratch, privKey,
|
||||
pkcs7->privateKeySz);
|
||||
if (result < 0) {
|
||||
if (pkcs7->signedAttribsSz != 0)
|
||||
XFREE(flatSignedAttribs, 0, NULL);
|
||||
XFREE(flatSignedAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS);
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
XFREE(privKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(digestInfo, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
@@ -555,7 +575,7 @@ int wc_PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz)
|
||||
|
||||
if (result < 0) {
|
||||
if (pkcs7->signedAttribsSz != 0)
|
||||
XFREE(flatSignedAttribs, 0, NULL);
|
||||
XFREE(flatSignedAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS);
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
XFREE(esd, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#endif
|
||||
@@ -598,7 +618,7 @@ int wc_PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz)
|
||||
|
||||
if (outputSz < totalSz) {
|
||||
if (pkcs7->signedAttribsSz != 0)
|
||||
XFREE(flatSignedAttribs, 0, NULL);
|
||||
XFREE(flatSignedAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS);
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
XFREE(esd, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#endif
|
||||
@@ -657,7 +677,7 @@ int wc_PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz)
|
||||
idx += esd->signedAttribSetSz;
|
||||
XMEMCPY(output + idx, flatSignedAttribs, flatSignedAttribsSz);
|
||||
idx += flatSignedAttribsSz;
|
||||
XFREE(flatSignedAttribs, 0, NULL);
|
||||
XFREE(flatSignedAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS);
|
||||
}
|
||||
|
||||
XMEMCPY(output + idx, esd->digEncAlgoId, esd->digEncAlgoIdSz);
|
||||
@@ -896,7 +916,7 @@ int wc_PKCS7_VerifySignedData(PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz)
|
||||
|
||||
XMEMSET(digest, 0, MAX_PKCS7_DIGEST_SZ);
|
||||
|
||||
ret = wc_InitRsaKey(key, NULL);
|
||||
ret = wc_InitRsaKey(key, pkcs7->heap);
|
||||
if (ret != 0) {
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
XFREE(digest, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
@@ -936,8 +956,8 @@ int wc_PKCS7_VerifySignedData(PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz)
|
||||
WOLFSSL_LOCAL int wc_CreateRecipientInfo(const byte* cert, word32 certSz,
|
||||
int keyEncAlgo, int blockKeySz,
|
||||
WC_RNG* rng, byte* contentKeyPlain,
|
||||
byte* contentKeyEnc,
|
||||
int* keyEncSz, byte* out, word32 outSz)
|
||||
byte* contentKeyEnc, int* keyEncSz,
|
||||
byte* out, word32 outSz, void* heap)
|
||||
{
|
||||
word32 idx = 0;
|
||||
int ret = 0, totalSz = 0;
|
||||
@@ -980,7 +1000,7 @@ WOLFSSL_LOCAL int wc_CreateRecipientInfo(const byte* cert, word32 certSz,
|
||||
DecodedCert* decoded = &stack_decoded;
|
||||
#endif
|
||||
|
||||
InitDecodedCert(decoded, (byte*)cert, certSz, 0);
|
||||
InitDecodedCert(decoded, (byte*)cert, certSz, heap);
|
||||
ret = ParseCert(decoded, CA_TYPE, NO_VERIFY, 0);
|
||||
if (ret < 0) {
|
||||
FreeDecodedCert(decoded);
|
||||
@@ -1252,7 +1272,7 @@ int wc_PKCS7_EncodeEnvelopedData(PKCS7* pkcs7, byte* output, word32 outputSz)
|
||||
recipSz = wc_CreateRecipientInfo(pkcs7->singleCert, pkcs7->singleCertSz, RSAk,
|
||||
blockKeySz, &rng, contentKeyPlain,
|
||||
contentKeyEnc, &contentKeyEncSz, recip,
|
||||
MAX_RECIP_SZ);
|
||||
MAX_RECIP_SZ, pkcs7->heap);
|
||||
|
||||
ForceZero(contentKeyEnc, MAX_ENCRYPTED_KEY_SZ);
|
||||
|
||||
@@ -1293,7 +1313,7 @@ int wc_PKCS7_EncodeEnvelopedData(PKCS7* pkcs7, byte* output, word32 outputSz)
|
||||
padSz = DES_BLOCK_SIZE - (pkcs7->contentSz % DES_BLOCK_SIZE);
|
||||
desOutSz = pkcs7->contentSz + padSz;
|
||||
|
||||
plain = (byte*)XMALLOC(desOutSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
plain = (byte*)XMALLOC(desOutSz, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (plain == NULL) {
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
XFREE(recip, NULL, DYNAMMIC_TYPE_TMP_BUFFER);
|
||||
@@ -1306,9 +1326,10 @@ int wc_PKCS7_EncodeEnvelopedData(PKCS7* pkcs7, byte* output, word32 outputSz)
|
||||
plain[pkcs7->contentSz + i] = (byte)padSz;
|
||||
}
|
||||
|
||||
encryptedContent = (byte*)XMALLOC(desOutSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
encryptedContent = (byte*)XMALLOC(desOutSz, pkcs7->heap,
|
||||
DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (encryptedContent == NULL) {
|
||||
XFREE(plain, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(plain, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
XFREE(recip, NULL, DYNAMMIC_TYPE_TMP_BUFFER);
|
||||
#endif
|
||||
@@ -1324,8 +1345,8 @@ int wc_PKCS7_EncodeEnvelopedData(PKCS7* pkcs7, byte* output, word32 outputSz)
|
||||
oidBlkType, ivOctetStringSz + DES_BLOCK_SIZE);
|
||||
|
||||
if (contentEncAlgoSz == 0) {
|
||||
XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(plain, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(plain, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
XFREE(recip, NULL, DYNAMMIC_TYPE_TMP_BUFFER);
|
||||
#endif
|
||||
@@ -1342,8 +1363,8 @@ int wc_PKCS7_EncodeEnvelopedData(PKCS7* pkcs7, byte* output, word32 outputSz)
|
||||
wc_Des_CbcEncrypt(&des, encryptedContent, plain, desOutSz);
|
||||
|
||||
if (ret != 0) {
|
||||
XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(plain, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(plain, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
XFREE(recip, NULL, DYNAMMIC_TYPE_TMP_BUFFER);
|
||||
#endif
|
||||
@@ -1359,8 +1380,8 @@ int wc_PKCS7_EncodeEnvelopedData(PKCS7* pkcs7, byte* output, word32 outputSz)
|
||||
ret = wc_Des3_CbcEncrypt(&des3, encryptedContent, plain, desOutSz);
|
||||
|
||||
if (ret != 0) {
|
||||
XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(plain, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(plain, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
XFREE(recip, NULL, DYNAMMIC_TYPE_TMP_BUFFER);
|
||||
#endif
|
||||
@@ -1395,8 +1416,8 @@ int wc_PKCS7_EncodeEnvelopedData(PKCS7* pkcs7, byte* output, word32 outputSz)
|
||||
|
||||
if (totalSz > (int)outputSz) {
|
||||
WOLFSSL_MSG("Pkcs7_encrypt output buffer too small");
|
||||
XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(plain, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(plain, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
XFREE(recip, NULL, DYNAMMIC_TYPE_TMP_BUFFER);
|
||||
#endif
|
||||
@@ -1434,9 +1455,9 @@ int wc_PKCS7_EncodeEnvelopedData(PKCS7* pkcs7, byte* output, word32 outputSz)
|
||||
|
||||
ForceZero(contentKeyPlain, MAX_CONTENT_KEY_LEN);
|
||||
|
||||
XFREE(plain, NULL, DYNAMMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
|
||||
XFREE(plain, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
XFREE(recip, NULL, DYNAMMIC_TYPE_TMP_BUFFER);
|
||||
#endif
|
||||
@@ -1702,8 +1723,8 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg,
|
||||
#endif
|
||||
return ASN_PARSE_E;
|
||||
}
|
||||
|
||||
encryptedContent = (byte*)XMALLOC(encryptedContentSz, NULL,
|
||||
|
||||
encryptedContent = (byte*)XMALLOC(encryptedContentSz, pkcs7->heap,
|
||||
DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (encryptedContent == NULL) {
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
@@ -1725,7 +1746,7 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg,
|
||||
|
||||
ret = wc_InitRsaKey(privKey, 0);
|
||||
if (ret != 0) {
|
||||
XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
XFREE(privKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
@@ -1739,7 +1760,7 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg,
|
||||
pkcs7->privateKeySz);
|
||||
if (ret != 0) {
|
||||
WOLFSSL_MSG("Failed to decode RSA private key");
|
||||
XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
XFREE(privKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
@@ -1757,7 +1778,7 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg,
|
||||
#endif
|
||||
|
||||
if (keySz <= 0) {
|
||||
XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#endif
|
||||
@@ -1774,7 +1795,7 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg,
|
||||
encryptedContentSz);
|
||||
|
||||
if (ret != 0) {
|
||||
XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#endif
|
||||
@@ -1789,7 +1810,7 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg,
|
||||
encryptedContentSz);
|
||||
|
||||
if (ret != 0) {
|
||||
XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#endif
|
||||
@@ -1797,7 +1818,7 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg,
|
||||
}
|
||||
} else {
|
||||
WOLFSSL_MSG("Unsupported content encryption OID type");
|
||||
XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#endif
|
||||
@@ -1812,11 +1833,11 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg,
|
||||
/* free memory, zero out keys */
|
||||
ForceZero(encryptedKey, MAX_ENCRYPTED_KEY_SZ);
|
||||
ForceZero(encryptedContent, encryptedContentSz);
|
||||
XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#endif
|
||||
|
||||
|
||||
return encryptedContentSz - padLen;
|
||||
}
|
||||
|
||||
|
||||
@@ -403,8 +403,19 @@ int DoPKCS12Hash(int hashType, byte* buffer, word32 totalLen,
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
int wc_PKCS12_PBKDF(byte* output, const byte* passwd, int passLen,const byte* salt,
|
||||
int saltLen, int iterations, int kLen, int hashType, int id)
|
||||
{
|
||||
return wc_PKCS12_PBKDF_ex(output, passwd, passLen, salt, saltLen,
|
||||
iterations, kLen, hashType, id, NULL);
|
||||
}
|
||||
|
||||
|
||||
/* extended API that allows a heap hint to be used */
|
||||
int wc_PKCS12_PBKDF_ex(byte* output, const byte* passwd, int passLen,
|
||||
const byte* salt, int saltLen, int iterations, int kLen,
|
||||
int hashType, int id, void* heap)
|
||||
{
|
||||
/* all in bytes instead of bits */
|
||||
word32 u, v, dLen, pLen, iLen, sLen, totalLen;
|
||||
@@ -460,7 +471,7 @@ int wc_PKCS12_PBKDF(byte* output, const byte* passwd, int passLen,const byte* sa
|
||||
totalLen = dLen + sLen + pLen;
|
||||
|
||||
if (totalLen > sizeof(staticBuffer)) {
|
||||
buffer = (byte*)XMALLOC(totalLen, 0, DYNAMIC_TYPE_KEY);
|
||||
buffer = (byte*)XMALLOC(totalLen, heap, DYNAMIC_TYPE_KEY);
|
||||
if (buffer == NULL) {
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
XFREE(Ai, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
@@ -548,7 +559,7 @@ int wc_PKCS12_PBKDF(byte* output, const byte* passwd, int passLen,const byte* sa
|
||||
mp_clear(&B1);
|
||||
}
|
||||
|
||||
if (dynamic) XFREE(buffer, 0, DYNAMIC_TYPE_KEY);
|
||||
if (dynamic) XFREE(buffer, heap, DYNAMIC_TYPE_KEY);
|
||||
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
XFREE(Ai, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
|
||||
+24
-2
@@ -200,10 +200,32 @@ static INLINE int DoKey(Rabbit* ctx, const byte* key, const byte* iv)
|
||||
}
|
||||
|
||||
|
||||
int wc_Rabbit_SetHeap(Rabbit* ctx, void* heap)
|
||||
{
|
||||
if (ctx == NULL) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
#ifdef XSTREAM_ALIGN
|
||||
ctx->heap = heap;
|
||||
#endif
|
||||
|
||||
(void)heap;
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
/* Key setup */
|
||||
int wc_RabbitSetKey(Rabbit* ctx, const byte* key, const byte* iv)
|
||||
{
|
||||
#ifdef XSTREAM_ALIGN
|
||||
/* default heap to NULL or heap test value */
|
||||
#ifdef WOLFSSL_HEAP_TEST
|
||||
ctx->heap = (void*)WOLFSSL_HEAP_TEST;
|
||||
#else
|
||||
ctx->heap = NULL;
|
||||
#endif /* WOLFSSL_HEAP_TEST */
|
||||
|
||||
if ((wolfssl_word)key % 4) {
|
||||
int alignKey[4];
|
||||
|
||||
@@ -289,14 +311,14 @@ int wc_RabbitProcess(Rabbit* ctx, byte* output, const byte* input, word32 msglen
|
||||
byte* tmp;
|
||||
WOLFSSL_MSG("wc_RabbitProcess unaligned");
|
||||
|
||||
tmp = (byte*)XMALLOC(msglen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
tmp = (byte*)XMALLOC(msglen, ctx->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (tmp == NULL) return MEMORY_E;
|
||||
|
||||
XMEMCPY(tmp, input, msglen);
|
||||
DoProcess(ctx, tmp, tmp, msglen);
|
||||
XMEMCPY(output, tmp, msglen);
|
||||
|
||||
XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(tmp, ctx->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
|
||||
return 0;
|
||||
#else
|
||||
|
||||
+15
-3
@@ -492,16 +492,23 @@ static int Hash_DRBG_Uninstantiate(DRBG* drbg)
|
||||
|
||||
|
||||
/* Get seed and key cipher */
|
||||
int wc_InitRng(WC_RNG* rng)
|
||||
int wc_InitRng_ex(WC_RNG* rng, void* heap)
|
||||
{
|
||||
int ret = BAD_FUNC_ARG;
|
||||
|
||||
if (rng != NULL) {
|
||||
#ifdef WOLFSSL_HEAP_TEST
|
||||
rng->heap = (void*)WOLFSSL_HEAP_TEST;
|
||||
(void)heap;
|
||||
#else
|
||||
rng->heap = heap;
|
||||
#endif
|
||||
if (wc_RNG_HealthTestLocal(0) == 0) {
|
||||
byte entropy[ENTROPY_NONCE_SZ];
|
||||
|
||||
rng->drbg =
|
||||
(struct DRBG*)XMALLOC(sizeof(DRBG), NULL, DYNAMIC_TYPE_RNG);
|
||||
(struct DRBG*)XMALLOC(sizeof(DRBG), rng->heap,
|
||||
DYNAMIC_TYPE_RNG);
|
||||
if (rng->drbg == NULL) {
|
||||
ret = MEMORY_E;
|
||||
}
|
||||
@@ -543,6 +550,11 @@ int wc_InitRng(WC_RNG* rng)
|
||||
return ret;
|
||||
}
|
||||
|
||||
int wc_InitRng(WC_RNG* rng)
|
||||
{
|
||||
return wc_InitRng_ex(rng, NULL);
|
||||
}
|
||||
|
||||
|
||||
/* place a generated block in output */
|
||||
int wc_RNG_GenerateBlock(WC_RNG* rng, byte* output, word32 sz)
|
||||
@@ -611,7 +623,7 @@ int wc_FreeRng(WC_RNG* rng)
|
||||
else
|
||||
ret = RNG_FAILURE_E;
|
||||
|
||||
XFREE(rng->drbg, NULL, DYNAMIC_TYPE_RNG);
|
||||
XFREE(rng->drbg, rng->heap, DYNAMIC_TYPE_RNG);
|
||||
rng->drbg = NULL;
|
||||
}
|
||||
|
||||
|
||||
+38
-30
@@ -230,7 +230,7 @@ int wc_FreeRsaKey(RsaKey* key)
|
||||
outSz: size of output buffer
|
||||
*/
|
||||
static int wc_MGF1(enum wc_HashType hType, byte* seed, word32 seedSz,
|
||||
byte* out, word32 outSz)
|
||||
byte* out, word32 outSz, void* heap)
|
||||
{
|
||||
byte* tmp;
|
||||
/* needs to be large enough for seed size plus counter(4) */
|
||||
@@ -255,7 +255,7 @@ static int wc_MGF1(enum wc_HashType hType, byte* seed, word32 seedSz,
|
||||
/* find largest amount of memory needed which will be the max of
|
||||
* hLen and (seedSz + 4) since tmp is used to store the hash digest */
|
||||
tmpSz = ((seedSz + 4) > (word32)hLen)? seedSz + 4: (word32)hLen;
|
||||
tmp = (byte*)XMALLOC(tmpSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
tmp = (byte*)XMALLOC(tmpSz, heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (tmp == NULL) {
|
||||
return MEMORY_E;
|
||||
}
|
||||
@@ -282,7 +282,7 @@ static int wc_MGF1(enum wc_HashType hType, byte* seed, word32 seedSz,
|
||||
if ((ret = wc_Hash(hType, tmp, (seedSz + 4), tmp, tmpSz)) != 0) {
|
||||
/* check for if dynamic memory was needed, then free */
|
||||
if (tmpF) {
|
||||
XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(tmp, heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
@@ -296,7 +296,7 @@ static int wc_MGF1(enum wc_HashType hType, byte* seed, word32 seedSz,
|
||||
|
||||
/* check for if dynamic memory was needed, then free */
|
||||
if (tmpF) {
|
||||
XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(tmp, heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
}
|
||||
|
||||
return 0;
|
||||
@@ -307,29 +307,32 @@ static int wc_MGF1(enum wc_HashType hType, byte* seed, word32 seedSz,
|
||||
switeched on type input
|
||||
*/
|
||||
static int wc_MGF(int type, byte* seed, word32 seedSz,
|
||||
byte* out, word32 outSz)
|
||||
byte* out, word32 outSz, void* heap)
|
||||
{
|
||||
int ret;
|
||||
|
||||
switch(type) {
|
||||
#ifndef NO_SHA
|
||||
case WC_MGF1SHA1:
|
||||
ret = wc_MGF1(WC_HASH_TYPE_SHA, seed, seedSz, out, outSz);
|
||||
ret = wc_MGF1(WC_HASH_TYPE_SHA, seed, seedSz, out, outSz, heap);
|
||||
break;
|
||||
#endif
|
||||
#ifndef NO_SHA256
|
||||
case WC_MGF1SHA256:
|
||||
ret = wc_MGF1(WC_HASH_TYPE_SHA256, seed, seedSz, out, outSz);
|
||||
ret = wc_MGF1(WC_HASH_TYPE_SHA256, seed, seedSz,
|
||||
out, outSz, heap);
|
||||
break;
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA512
|
||||
#ifdef WOLFSSL_SHA384
|
||||
case WC_MGF1SHA384:
|
||||
ret = wc_MGF1(WC_HASH_TYPE_SHA384, seed, seedSz, out, outSz);
|
||||
ret = wc_MGF1(WC_HASH_TYPE_SHA384, seed, seedSz,
|
||||
out, outSz, heap);
|
||||
break;
|
||||
#endif
|
||||
case WC_MGF1SHA512:
|
||||
ret = wc_MGF1(WC_HASH_TYPE_SHA512, seed, seedSz, out, outSz);
|
||||
ret = wc_MGF1(WC_HASH_TYPE_SHA512, seed, seedSz,
|
||||
out, outSz, heap);
|
||||
break;
|
||||
#endif
|
||||
default:
|
||||
@@ -342,14 +345,16 @@ static int wc_MGF(int type, byte* seed, word32 seedSz,
|
||||
(void)seedSz;
|
||||
(void)out;
|
||||
(void)outSz;
|
||||
(void)heap;
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
static int wc_RsaPad_OAEP(const byte* input, word32 inputLen, byte* pkcsBlock,
|
||||
word32 pkcsBlockLen, byte padValue, WC_RNG* rng,
|
||||
enum wc_HashType hType, int mgf, byte* optLabel, word32 labelLen)
|
||||
word32 pkcsBlockLen, byte padValue, WC_RNG* rng,
|
||||
enum wc_HashType hType, int mgf, byte* optLabel,
|
||||
word32 labelLen, void* heap)
|
||||
{
|
||||
int ret;
|
||||
int hLen;
|
||||
@@ -464,7 +469,7 @@ static int wc_RsaPad_OAEP(const byte* input, word32 inputLen, byte* pkcsBlock,
|
||||
}
|
||||
|
||||
/* create maskedDB from dbMask */
|
||||
dbMask = (byte*)XMALLOC(pkcsBlockLen - hLen - 1, NULL, DYNAMIC_TYPE_RSA);
|
||||
dbMask = (byte*)XMALLOC(pkcsBlockLen - hLen - 1, heap, DYNAMIC_TYPE_RSA);
|
||||
if (dbMask == NULL) {
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
XFREE(lHash, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
@@ -474,9 +479,9 @@ static int wc_RsaPad_OAEP(const byte* input, word32 inputLen, byte* pkcsBlock,
|
||||
}
|
||||
XMEMSET(dbMask, 0, pkcsBlockLen - hLen - 1); /* help static analyzer */
|
||||
|
||||
ret = wc_MGF(mgf, seed, hLen, dbMask, pkcsBlockLen - hLen - 1);
|
||||
ret = wc_MGF(mgf, seed, hLen, dbMask, pkcsBlockLen - hLen - 1, heap);
|
||||
if (ret != 0) {
|
||||
XFREE(dbMask, NULL, DYNAMIC_TYPE_RSA);
|
||||
XFREE(dbMask, heap, DYNAMIC_TYPE_RSA);
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
XFREE(lHash, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(seed, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
@@ -490,7 +495,7 @@ static int wc_RsaPad_OAEP(const byte* input, word32 inputLen, byte* pkcsBlock,
|
||||
pkcsBlock[idx] = dbMask[i++] ^ pkcsBlock[idx];
|
||||
idx++;
|
||||
}
|
||||
XFREE(dbMask, NULL, DYNAMIC_TYPE_RSA);
|
||||
XFREE(dbMask, heap, DYNAMIC_TYPE_RSA);
|
||||
|
||||
|
||||
/* create maskedSeed from seedMask */
|
||||
@@ -498,7 +503,7 @@ static int wc_RsaPad_OAEP(const byte* input, word32 inputLen, byte* pkcsBlock,
|
||||
pkcsBlock[idx++] = 0x00;
|
||||
/* create seedMask inline */
|
||||
if ((ret = wc_MGF(mgf, pkcsBlock + hLen + 1, pkcsBlockLen - hLen - 1,
|
||||
pkcsBlock + 1, hLen)) != 0) {
|
||||
pkcsBlock + 1, hLen, heap)) != 0) {
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
XFREE(lHash, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(seed, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
@@ -572,8 +577,9 @@ static int wc_RsaPad(const byte* input, word32 inputLen, byte* pkcsBlock,
|
||||
#ifndef WC_NO_RSA_OAEP
|
||||
/* helper function to direct which padding is used */
|
||||
static int wc_RsaPad_ex(const byte* input, word32 inputLen, byte* pkcsBlock,
|
||||
word32 pkcsBlockLen, byte padValue, WC_RNG* rng, int padType,
|
||||
enum wc_HashType hType, int mgf, byte* optLabel, word32 labelLen)
|
||||
word32 pkcsBlockLen, byte padValue, WC_RNG* rng,
|
||||
int padType, enum wc_HashType hType, int mgf,
|
||||
byte* optLabel, word32 labelLen, void* heap)
|
||||
{
|
||||
int ret;
|
||||
|
||||
@@ -588,7 +594,7 @@ static int wc_RsaPad_ex(const byte* input, word32 inputLen, byte* pkcsBlock,
|
||||
case WC_RSA_OAEP_PAD:
|
||||
WOLFSSL_MSG("wolfSSL Using RSA OAEP padding");
|
||||
ret = wc_RsaPad_OAEP(input, inputLen, pkcsBlock, pkcsBlockLen,
|
||||
padValue, rng, hType, mgf, optLabel, labelLen);
|
||||
padValue, rng, hType, mgf, optLabel, labelLen, heap);
|
||||
break;
|
||||
|
||||
default:
|
||||
@@ -602,6 +608,7 @@ static int wc_RsaPad_ex(const byte* input, word32 inputLen, byte* pkcsBlock,
|
||||
(void)mgf;
|
||||
(void)optLabel;
|
||||
(void)labelLen;
|
||||
(void)heap;
|
||||
|
||||
return ret;
|
||||
}
|
||||
@@ -611,7 +618,7 @@ static int wc_RsaPad_ex(const byte* input, word32 inputLen, byte* pkcsBlock,
|
||||
* < 0 on error */
|
||||
static int wc_RsaUnPad_OAEP(byte *pkcsBlock, unsigned int pkcsBlockLen,
|
||||
byte **output, enum wc_HashType hType, int mgf,
|
||||
byte* optLabel, word32 labelLen)
|
||||
byte* optLabel, word32 labelLen, void* heap)
|
||||
{
|
||||
int hLen;
|
||||
int ret;
|
||||
@@ -624,7 +631,7 @@ static int wc_RsaUnPad_OAEP(byte *pkcsBlock, unsigned int pkcsBlockLen,
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
tmp = (byte*)XMALLOC(pkcsBlockLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
tmp = (byte*)XMALLOC(pkcsBlockLen, heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (tmp == NULL) {
|
||||
return MEMORY_E;
|
||||
}
|
||||
@@ -632,8 +639,8 @@ static int wc_RsaUnPad_OAEP(byte *pkcsBlock, unsigned int pkcsBlockLen,
|
||||
|
||||
/* find seedMask value */
|
||||
if ((ret = wc_MGF(mgf, (byte*)(pkcsBlock + (hLen + 1)),
|
||||
pkcsBlockLen - hLen - 1, tmp, hLen)) != 0) {
|
||||
XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
pkcsBlockLen - hLen - 1, tmp, hLen, heap)) != 0) {
|
||||
XFREE(tmp, heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return ret;
|
||||
}
|
||||
|
||||
@@ -644,8 +651,8 @@ static int wc_RsaUnPad_OAEP(byte *pkcsBlock, unsigned int pkcsBlockLen,
|
||||
|
||||
/* get dbMask value */
|
||||
if ((ret = wc_MGF(mgf, tmp, hLen, tmp + hLen,
|
||||
pkcsBlockLen - hLen - 1)) != 0) {
|
||||
XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
pkcsBlockLen - hLen - 1, heap)) != 0) {
|
||||
XFREE(tmp, heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return ret;
|
||||
}
|
||||
|
||||
@@ -655,7 +662,7 @@ static int wc_RsaUnPad_OAEP(byte *pkcsBlock, unsigned int pkcsBlockLen,
|
||||
}
|
||||
|
||||
/* done with use of tmp buffer */
|
||||
XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(tmp, heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
|
||||
/* advance idx to index of PS and msg separator */
|
||||
idx = hLen + 2 + hLen;
|
||||
@@ -739,7 +746,7 @@ static int RsaUnPad(const byte *pkcsBlock, unsigned int pkcsBlockLen,
|
||||
/* helper function to direct unpadding */
|
||||
static int wc_RsaUnPad_ex(byte* pkcsBlock, word32 pkcsBlockLen, byte** out,
|
||||
byte padValue, int padType, enum wc_HashType hType,
|
||||
int mgf, byte* optLabel, word32 labelLen)
|
||||
int mgf, byte* optLabel, word32 labelLen, void* heap)
|
||||
{
|
||||
int ret;
|
||||
|
||||
@@ -753,7 +760,7 @@ static int wc_RsaUnPad_ex(byte* pkcsBlock, word32 pkcsBlockLen, byte** out,
|
||||
case WC_RSA_OAEP_PAD:
|
||||
WOLFSSL_MSG("wolfSSL Using RSA OAEP padding");
|
||||
ret = wc_RsaUnPad_OAEP((byte*)pkcsBlock, pkcsBlockLen, out,
|
||||
hType, mgf, optLabel, labelLen);
|
||||
hType, mgf, optLabel, labelLen, heap);
|
||||
break;
|
||||
|
||||
default:
|
||||
@@ -767,6 +774,7 @@ static int wc_RsaUnPad_ex(byte* pkcsBlock, word32 pkcsBlockLen, byte** out,
|
||||
(void)mgf;
|
||||
(void)optLabel;
|
||||
(void)labelLen;
|
||||
(void)heap;
|
||||
|
||||
return ret;
|
||||
}
|
||||
@@ -940,7 +948,7 @@ int wc_RsaPublicEncrypt_ex(const byte* in, word32 inLen, byte* out,
|
||||
return RSA_BUFFER_E;
|
||||
|
||||
ret = wc_RsaPad_ex(in, inLen, out, sz, RSA_BLOCK_TYPE_2, rng,
|
||||
type, hash, mgf, label, labelSz);
|
||||
type, hash, mgf, label, labelSz, key->heap);
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
|
||||
@@ -1017,7 +1025,7 @@ int wc_RsaPrivateDecryptInline_ex(byte* in, word32 inLen, byte** out,
|
||||
}
|
||||
|
||||
return wc_RsaUnPad_ex(in, inLen, out, RSA_BLOCK_TYPE_2, type, hash, mgf,
|
||||
label, labelSz);
|
||||
label, labelSz, key->heap);
|
||||
}
|
||||
#endif /* WC_NO_RSA_OAEP */
|
||||
|
||||
|
||||
+26
-13
@@ -254,6 +254,13 @@ int wc_SrpInit(Srp* srp, SrpType type, SrpSide side)
|
||||
|
||||
srp->keyGenFunc_cb = wc_SrpSetKey;
|
||||
|
||||
/* default heap hint to NULL or test value */
|
||||
#ifdef WOLFSSL_HEAP_TEST
|
||||
srp->heap = (void*)WOLFSSL_HEAP_TEST;
|
||||
#else
|
||||
srp->heap = NULL;
|
||||
#endif
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
@@ -263,12 +270,18 @@ void wc_SrpTerm(Srp* srp)
|
||||
mp_clear(&srp->N); mp_clear(&srp->g);
|
||||
mp_clear(&srp->auth); mp_clear(&srp->priv);
|
||||
|
||||
ForceZero(srp->salt, srp->saltSz);
|
||||
XFREE(srp->salt, NULL, DYNAMIC_TYPE_SRP);
|
||||
ForceZero(srp->user, srp->userSz);
|
||||
XFREE(srp->user, NULL, DYNAMIC_TYPE_SRP);
|
||||
ForceZero(srp->key, srp->keySz);
|
||||
XFREE(srp->key, NULL, DYNAMIC_TYPE_SRP);
|
||||
if (srp->salt) {
|
||||
ForceZero(srp->salt, srp->saltSz);
|
||||
XFREE(srp->salt, srp->heap, DYNAMIC_TYPE_SRP);
|
||||
}
|
||||
if (srp->user) {
|
||||
ForceZero(srp->user, srp->userSz);
|
||||
XFREE(srp->user, srp->heap, DYNAMIC_TYPE_SRP);
|
||||
}
|
||||
if (srp->key) {
|
||||
ForceZero(srp->key, srp->keySz);
|
||||
XFREE(srp->key, srp->heap, DYNAMIC_TYPE_SRP);
|
||||
}
|
||||
|
||||
ForceZero(srp, sizeof(Srp));
|
||||
}
|
||||
@@ -279,7 +292,7 @@ int wc_SrpSetUsername(Srp* srp, const byte* username, word32 size)
|
||||
if (!srp || !username)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
srp->user = (byte*)XMALLOC(size, NULL, DYNAMIC_TYPE_SRP);
|
||||
srp->user = (byte*)XMALLOC(size, srp->heap, DYNAMIC_TYPE_SRP);
|
||||
if (srp->user == NULL)
|
||||
return MEMORY_E;
|
||||
|
||||
@@ -322,10 +335,10 @@ int wc_SrpSetParams(Srp* srp, const byte* N, word32 nSz,
|
||||
/* Set salt */
|
||||
if (srp->salt) {
|
||||
ForceZero(srp->salt, srp->saltSz);
|
||||
XFREE(srp->salt, NULL, DYNAMIC_TYPE_SRP);
|
||||
XFREE(srp->salt, srp->heap, DYNAMIC_TYPE_SRP);
|
||||
}
|
||||
|
||||
srp->salt = (byte*)XMALLOC(saltSz, NULL, DYNAMIC_TYPE_SRP);
|
||||
srp->salt = (byte*)XMALLOC(saltSz, srp->heap, DYNAMIC_TYPE_SRP);
|
||||
if (srp->salt == NULL)
|
||||
return MEMORY_E;
|
||||
|
||||
@@ -538,7 +551,7 @@ static int wc_SrpSetKey(Srp* srp, byte* secret, word32 size)
|
||||
byte counter[4];
|
||||
int r = BAD_FUNC_ARG;
|
||||
|
||||
srp->key = (byte*)XMALLOC(2 * digestSz, NULL, DYNAMIC_TYPE_SRP);
|
||||
srp->key = (byte*)XMALLOC(2 * digestSz, srp->heap, DYNAMIC_TYPE_SRP);
|
||||
if (srp->key == NULL)
|
||||
return MEMORY_E;
|
||||
|
||||
@@ -599,11 +612,11 @@ int wc_SrpComputeKey(Srp* srp, byte* clientPubKey, word32 clientPubKeySz,
|
||||
digestSz = SrpHashSize(srp->type);
|
||||
secretSz = mp_unsigned_bin_size(&srp->N);
|
||||
|
||||
if ((secret = (byte*)XMALLOC(secretSz, NULL, DYNAMIC_TYPE_SRP)) == NULL)
|
||||
if ((secret = (byte*)XMALLOC(secretSz, srp->heap, DYNAMIC_TYPE_SRP)) ==NULL)
|
||||
return MEMORY_E;
|
||||
|
||||
if ((r = mp_init_multi(&u, &s, &temp1, &temp2, 0, 0)) != MP_OKAY) {
|
||||
XFREE(secret, NULL, DYNAMIC_TYPE_SRP);
|
||||
XFREE(secret, srp->heap, DYNAMIC_TYPE_SRP);
|
||||
return r;
|
||||
}
|
||||
|
||||
@@ -679,7 +692,7 @@ int wc_SrpComputeKey(Srp* srp, byte* clientPubKey, word32 clientPubKeySz,
|
||||
|
||||
if (!r) r = SrpHashUpdate(&srp->server_proof, clientPubKey, clientPubKeySz);
|
||||
|
||||
XFREE(secret, NULL, DYNAMIC_TYPE_SRP);
|
||||
XFREE(secret, srp->heap, DYNAMIC_TYPE_SRP);
|
||||
mp_clear(&u); mp_clear(&s); mp_clear(&temp1); mp_clear(&temp2);
|
||||
|
||||
return r;
|
||||
|
||||
+1
-29
@@ -40,28 +40,6 @@
|
||||
#pragma warning(disable: 4996)
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_STATIC_MEMORY
|
||||
#if defined(WOLFSSL_STATIC_MEMORY_SMALL)
|
||||
static byte wc_staticMemory[54833];
|
||||
/* peak of one connection (10 concurent connections) plus 41 chunks of 64 byte
|
||||
for structs */
|
||||
#elif defined(WOLFSSL_STATIC_MEMORY_MEDIUM)
|
||||
static byte wc_staticMemory[941888];
|
||||
/* peak of one connection (520 concurent connections) plus 41 chunks of 64 byte
|
||||
for structs */
|
||||
#elif defined(WOLFSSL_STATIC_MEMORY_LARGE)
|
||||
static byte wc_staticMemory[1860992];
|
||||
/* peak of one connection (1040 concurent connections) plus 41 chunks of 64 byte
|
||||
for structs */
|
||||
#elif defined(WOLFSSL_STATIC_MEMORY_HUGE)
|
||||
static byte wc_staticMemory[3699200];
|
||||
/* peak of one connection (1040 concurent connections) plus 41 chunks of 64 byte
|
||||
for structs */
|
||||
#else
|
||||
static byte wc_staticMemory[0];
|
||||
#endif
|
||||
#endif /* WOLFSSL_STATIC_MEMORY */
|
||||
|
||||
/* prevent multiple mutex initializations */
|
||||
static volatile int initRefCount = 0;
|
||||
|
||||
@@ -93,13 +71,7 @@ int wolfCrypt_Init()
|
||||
|
||||
#ifdef WOLFSSL_STATIC_MEMORY
|
||||
/* set static memory functions and load initial memory */
|
||||
wolfSSL_SetAllocators(wolfSSL_Malloc_Static, wolfSSL_Free_Static,
|
||||
wolfSSL_Realloc_Static);
|
||||
if (wolfSSL_load_static_memory(wc_staticMemory,
|
||||
sizeof(wc_staticMemory)) != 1) {
|
||||
WOLFSSL_MSG("Error setting up static memory");
|
||||
ret = WC_INIT_E;
|
||||
}
|
||||
wolfSSL_SetAllocators(wolfSSL_Malloc, wolfSSL_Free, wolfSSL_Realloc);
|
||||
#endif
|
||||
initRefCount = 1;
|
||||
}
|
||||
|
||||
+445
-453
File diff suppressed because it is too large
Load Diff
+14
-4
@@ -1495,6 +1495,7 @@ struct WOLFSSL_CRL {
|
||||
int mfd; /* monitor fd, -1 if no init yet */
|
||||
int setup; /* thread is setup predicate */
|
||||
#endif
|
||||
void* heap; /* heap hint for dynamic memory */
|
||||
};
|
||||
|
||||
|
||||
@@ -1906,6 +1907,9 @@ WOLFSSL_LOCAL int wolfSSL_EventInit(WOLFSSL* ssl, WOLF_EVENT_TYPE type);
|
||||
WOLFSSL_LOCAL int wolfSSL_CTX_EventPush(WOLFSSL_CTX* ctx, WOLF_EVENT* event);
|
||||
#endif /* HAVE_WOLF_EVENT */
|
||||
|
||||
#ifdef WOLFSSL_STATIC_MEMORY
|
||||
WOLFSSL_LOCAL int wolfSSL_init_memory_heap(WOLFSSL_HEAP* heap);
|
||||
#endif
|
||||
|
||||
/* wolfSSL context type */
|
||||
struct WOLFSSL_CTX {
|
||||
@@ -2030,7 +2034,9 @@ struct WOLFSSL_CTX {
|
||||
|
||||
|
||||
WOLFSSL_LOCAL
|
||||
int InitSSL_Ctx(WOLFSSL_CTX*, WOLFSSL_METHOD*);
|
||||
WOLFSSL_CTX* wolfSSL_CTX_new_ex(WOLFSSL_METHOD* method, void* heap);
|
||||
WOLFSSL_LOCAL
|
||||
int InitSSL_Ctx(WOLFSSL_CTX*, WOLFSSL_METHOD*, void* heap);
|
||||
WOLFSSL_LOCAL
|
||||
void FreeSSL_Ctx(WOLFSSL_CTX*);
|
||||
WOLFSSL_LOCAL
|
||||
@@ -2518,6 +2524,7 @@ struct WOLFSSL_X509 {
|
||||
#endif
|
||||
DNS_entry* altNames; /* alt names list */
|
||||
DNS_entry* altNamesNext; /* hint for retrieval */
|
||||
void* heap; /* heap hint */
|
||||
byte dynamicMemory; /* dynamic memory flag */
|
||||
byte isCa;
|
||||
#ifdef OPENSSL_EXTRA
|
||||
@@ -2656,6 +2663,9 @@ struct WOLFSSL {
|
||||
void* verifyCbCtx; /* cert verify callback user ctx*/
|
||||
VerifyCallback verifyCallback; /* cert verification callback */
|
||||
void* heap; /* for user overrides */
|
||||
#ifdef WOLFSSL_STATIC_MEMORY
|
||||
WOLFSSL_HEAP_HINT heap_hint;
|
||||
#endif
|
||||
#ifndef NO_HANDSHAKE_DONE_CB
|
||||
HandShakeDoneCb hsDoneCb; /* notify user handshake done */
|
||||
void* hsDoneCtx; /* user handshake cb context */
|
||||
@@ -2835,7 +2845,7 @@ int SetSSL_CTX(WOLFSSL*, WOLFSSL_CTX*);
|
||||
WOLFSSL_LOCAL
|
||||
int InitSSL(WOLFSSL*, WOLFSSL_CTX*);
|
||||
WOLFSSL_LOCAL
|
||||
void FreeSSL(WOLFSSL*);
|
||||
void FreeSSL(WOLFSSL*, void* heap);
|
||||
WOLFSSL_API void SSL_ResourceFree(WOLFSSL*); /* Micrium uses */
|
||||
|
||||
|
||||
@@ -3070,8 +3080,8 @@ WOLFSSL_LOCAL word32 LowResTimer(void);
|
||||
|
||||
#ifndef NO_CERTS
|
||||
WOLFSSL_LOCAL void InitX509Name(WOLFSSL_X509_NAME*, int);
|
||||
WOLFSSL_LOCAL void FreeX509Name(WOLFSSL_X509_NAME* name);
|
||||
WOLFSSL_LOCAL void InitX509(WOLFSSL_X509*, int);
|
||||
WOLFSSL_LOCAL void FreeX509Name(WOLFSSL_X509_NAME* name, void* heap);
|
||||
WOLFSSL_LOCAL void InitX509(WOLFSSL_X509*, int, void* heap);
|
||||
WOLFSSL_LOCAL void FreeX509(WOLFSSL_X509*);
|
||||
WOLFSSL_LOCAL int CopyDecodedToX509(WOLFSSL_X509*, DecodedCert*);
|
||||
#endif
|
||||
|
||||
@@ -219,6 +219,27 @@ WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_2_client_method(void);
|
||||
WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_2_server_method(void);
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_STATIC_MEMORY
|
||||
typedef WOLFSSL_METHOD* (*wolfSSLStaticMethod)(void*);
|
||||
WOLFSSL_API WOLFSSL_METHOD *wolfSSLv3_server_static(void* heap);
|
||||
WOLFSSL_API WOLFSSL_METHOD *wolfSSLv3_client_static(void* heap);
|
||||
WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_server_static(void* heap);
|
||||
WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_client_static(void* heap);
|
||||
WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_1_server_static(void* heap);
|
||||
WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_1_client_static(void* heap);
|
||||
WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_2_server_static(void* heap);
|
||||
WOLFSSL_API WOLFSSL_METHOD *wolfTLSv1_2_client_static(void* heap);
|
||||
WOLFSSL_API WOLFSSL_METHOD *wolfSSLv23_server_static(void* heap);
|
||||
WOLFSSL_API WOLFSSL_METHOD *wolfSSLv23_client_static(void* heap);
|
||||
|
||||
#ifdef WOLFSSL_DTLS
|
||||
WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_client_static(void* heap);
|
||||
WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_server_static(void* heap);
|
||||
WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_2_client_static(void* heap);
|
||||
WOLFSSL_API WOLFSSL_METHOD *wolfDTLSv1_2_server_static(void* heap);
|
||||
#endif
|
||||
#endif /* WOLFSSL_STATIC_MEMORY */
|
||||
|
||||
#ifdef HAVE_POLY1305
|
||||
WOLFSSL_API int wolfSSL_use_old_poly(WOLFSSL*, int);
|
||||
#endif
|
||||
@@ -237,6 +258,19 @@ WOLFSSL_API int wolfSSL_dtls_export(WOLFSSL* ssl, unsigned char* buf,
|
||||
#endif /* WOLFSSL_DTLS */
|
||||
#endif /* WOLFSSL_SESSION_EXPORT */
|
||||
|
||||
#ifdef WOLFSSL_STATIC_MEMORY
|
||||
typedef struct WOLFSSL_MEM_STATS WOLFSSL_MEM_STATS;
|
||||
typedef struct WOLFSSL_MEM_CONN_STATS WOLFSSL_MEM_CONN_STATS;
|
||||
WOLFSSL_API int wolfSSL_CTX_load_static_memory(WOLFSSL_CTX** ctx,
|
||||
wolfSSLStaticMethod method,
|
||||
unsigned char* buf, unsigned int sz,
|
||||
int flag, int max);
|
||||
WOLFSSL_API int wolfSSL_CTX_is_static_memory(WOLFSSL_CTX* ctx,
|
||||
WOLFSSL_MEM_STATS* mem_stats);
|
||||
WOLFSSL_API int wolfSSL_is_static_memory(WOLFSSL* ssl,
|
||||
WOLFSSL_MEM_CONN_STATS* mem_stats);
|
||||
#endif
|
||||
|
||||
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
|
||||
|
||||
WOLFSSL_API int wolfSSL_CTX_use_certificate_file(WOLFSSL_CTX*, const char*, int);
|
||||
@@ -1284,6 +1318,7 @@ WOLFSSL_API void* wolfSSL_GetRsaDecCtx(WOLFSSL* ssl);
|
||||
#ifndef NO_CERTS
|
||||
WOLFSSL_API void wolfSSL_CTX_SetCACb(WOLFSSL_CTX*, CallbackCACache);
|
||||
|
||||
WOLFSSL_API WOLFSSL_CERT_MANAGER* wolfSSL_CertManagerNew_ex(void* heap);
|
||||
WOLFSSL_API WOLFSSL_CERT_MANAGER* wolfSSL_CertManagerNew(void);
|
||||
WOLFSSL_API void wolfSSL_CertManagerFree(WOLFSSL_CERT_MANAGER*);
|
||||
|
||||
|
||||
@@ -1587,6 +1587,30 @@ static INLINE void FreeAtomicUser(WOLFSSL* ssl)
|
||||
|
||||
#endif /* ATOMIC_USER */
|
||||
|
||||
#ifdef WOLFSSL_STATIC_MEMORY
|
||||
static INLINE int wolfSSL_PrintStats(WOLFSSL_MEM_STATS* stats)
|
||||
{
|
||||
word16 i;
|
||||
|
||||
if (stats == NULL) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
fprintf(stderr, "Total mallocs = %d\n", stats->totalAlloc);
|
||||
fprintf(stderr, "Total frees = %d\n", stats->totalFr);
|
||||
fprintf(stderr, "Current mallocs = %d\n", stats->curAlloc);
|
||||
fprintf(stderr, "Available IO = %d\n", stats->avaIO);
|
||||
fprintf(stderr, "Max con. handshakes = %d\n", stats->maxHa);
|
||||
fprintf(stderr, "Max con. IO = %d\n", stats->maxIO);
|
||||
fprintf(stderr, "State of memory blocks: size : available \n");
|
||||
for (i = 0; i < WOLFMEM_MAX_BUCKETS; i++) {
|
||||
fprintf(stderr, " : %d\t : %d\n", stats->blockSz[i],
|
||||
stats->avaBlock[i]);
|
||||
}
|
||||
|
||||
return 1;
|
||||
}
|
||||
#endif /* WOLFSSL_STATIC_MEMORY */
|
||||
|
||||
#ifdef HAVE_PK_CALLBACKS
|
||||
|
||||
|
||||
@@ -119,6 +119,7 @@ typedef struct Aes {
|
||||
#ifdef WOLFSSL_TI_CRYPT
|
||||
int keylen ;
|
||||
#endif
|
||||
void* heap; /* memory hint to use */
|
||||
} Aes;
|
||||
|
||||
|
||||
@@ -129,6 +130,7 @@ typedef struct Gmac {
|
||||
#endif /* HAVE_AESGCM */
|
||||
#endif /* HAVE_FIPS */
|
||||
|
||||
WOLFSSL_API int wc_InitAes_h(Aes* aes, void* h);
|
||||
WOLFSSL_API int wc_AesSetKey(Aes* aes, const byte* key, word32 len,
|
||||
const byte* iv, int dir);
|
||||
WOLFSSL_API int wc_AesSetIV(Aes* aes, const byte* iv);
|
||||
|
||||
@@ -763,6 +763,7 @@ struct OcspRequest {
|
||||
|
||||
byte nonce[MAX_OCSP_NONCE_SZ];
|
||||
int nonceSz;
|
||||
void* heap;
|
||||
};
|
||||
|
||||
|
||||
@@ -808,6 +809,7 @@ struct DecodedCRL {
|
||||
byte nextDateFormat; /* format of next date */
|
||||
RevokedCert* certs; /* revoked cert list */
|
||||
int totalCerts; /* number on list */
|
||||
void* heap;
|
||||
};
|
||||
|
||||
WOLFSSL_LOCAL void InitDecodedCRL(DecodedCRL*);
|
||||
|
||||
@@ -153,6 +153,7 @@ typedef struct Cert {
|
||||
#ifdef WOLFSSL_CERT_REQ
|
||||
char challengePw[CTC_NAME_SIZE];
|
||||
#endif
|
||||
void* heap; /* heap hint */
|
||||
} Cert;
|
||||
#endif /* WOLFSSL_CERT_GEN */
|
||||
|
||||
|
||||
@@ -52,10 +52,12 @@ enum {
|
||||
/* DSA */
|
||||
typedef struct DsaKey {
|
||||
mp_int p, q, g, y, x;
|
||||
int type; /* public or private */
|
||||
int type; /* public or private */
|
||||
void* heap; /* memory hint */
|
||||
} DsaKey;
|
||||
|
||||
WOLFSSL_API void wc_InitDsaKey(DsaKey* key);
|
||||
WOLFSSL_API int wc_InitDsaKey_h(DsaKey* key, void* h);
|
||||
WOLFSSL_API void wc_FreeDsaKey(DsaKey* key);
|
||||
WOLFSSL_API int wc_DsaSign(const byte* digest, byte* out,
|
||||
DsaKey* key, WC_RNG* rng);
|
||||
|
||||
@@ -166,6 +166,7 @@ typedef struct {
|
||||
curves (idx >= 0) or user supplied */
|
||||
ecc_point pubkey; /* public key */
|
||||
mp_int k; /* private key */
|
||||
void* heap; /* heap hint */
|
||||
} ecc_key;
|
||||
|
||||
|
||||
@@ -208,6 +209,8 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
|
||||
WOLFSSL_API
|
||||
int wc_ecc_init(ecc_key* key);
|
||||
WOLFSSL_API
|
||||
int wc_ecc_init_h(ecc_key* key, void* heap);
|
||||
WOLFSSL_API
|
||||
void wc_ecc_free(ecc_key* key);
|
||||
WOLFSSL_API
|
||||
void wc_ecc_fp_free(void);
|
||||
@@ -215,8 +218,12 @@ void wc_ecc_fp_free(void);
|
||||
WOLFSSL_API
|
||||
ecc_point* wc_ecc_new_point(void);
|
||||
WOLFSSL_API
|
||||
ecc_point* wc_ecc_new_point_h(void* h);
|
||||
WOLFSSL_API
|
||||
void wc_ecc_del_point(ecc_point* p);
|
||||
WOLFSSL_API
|
||||
void wc_ecc_del_point_h(ecc_point* p, void* h);
|
||||
WOLFSSL_API
|
||||
int wc_ecc_copy_point(ecc_point* p, ecc_point *r);
|
||||
WOLFSSL_API
|
||||
int wc_ecc_cmp_point(ecc_point* a, ecc_point *b);
|
||||
@@ -228,6 +235,9 @@ WOLFSSL_API
|
||||
int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R,
|
||||
mp_int* modulus, int map);
|
||||
|
||||
WOLFSSL_API
|
||||
int wc_ecc_mulmod_h(mp_int* k, ecc_point *G, ecc_point *R,
|
||||
mp_int* modulus, int map, void* heap);
|
||||
#ifdef HAVE_ECC_KEY_EXPORT
|
||||
/* ASN key helpers */
|
||||
WOLFSSL_API
|
||||
|
||||
@@ -43,12 +43,16 @@ typedef struct HC128 {
|
||||
word32 counter1024; /* counter1024 = i mod 1024 at the ith step */
|
||||
word32 key[8];
|
||||
word32 iv[8];
|
||||
#ifdef XSTREAM_ALIGN
|
||||
void* heap; /* heap hint, currently XMALLOC only used with aligning */
|
||||
#endif
|
||||
} HC128;
|
||||
|
||||
|
||||
WOLFSSL_API int wc_Hc128_Process(HC128*, byte*, const byte*, word32);
|
||||
WOLFSSL_API int wc_Hc128_SetKey(HC128*, const byte* key, const byte* iv);
|
||||
|
||||
WOLFSSL_LOCAL int wc_Hc128_SetHeap(HC128* ctx, void* heap);
|
||||
|
||||
#ifdef __cplusplus
|
||||
} /* extern "C" */
|
||||
|
||||
@@ -144,17 +144,18 @@ typedef struct Hmac {
|
||||
word32 ipad[HMAC_BLOCK_SIZE / sizeof(word32)]; /* same block size all*/
|
||||
word32 opad[HMAC_BLOCK_SIZE / sizeof(word32)];
|
||||
word32 innerHash[MAX_DIGEST_SIZE / sizeof(word32)];
|
||||
byte macType; /* md5 sha or sha256 */
|
||||
byte innerHashKeyed; /* keyed flag */
|
||||
#ifdef HAVE_CAVIUM
|
||||
word64 contextHandle; /* nitrox context memory handle */
|
||||
HashType type; /* hmac key type */
|
||||
word32 magic; /* using cavium magic */
|
||||
int devId; /* nitrox device id */
|
||||
void* heap /* heap hint , currently only used with cavium */
|
||||
byte* data; /* buffered input data for one call */
|
||||
word16 keyLen; /* hmac key length */
|
||||
word16 dataLen;
|
||||
HashType type; /* hmac key type */
|
||||
int devId; /* nitrox device id */
|
||||
word32 magic; /* using cavium magic */
|
||||
word64 contextHandle; /* nitrox context memory handle */
|
||||
byte* data; /* buffered input data for one call */
|
||||
#endif
|
||||
byte macType; /* md5 sha or sha256 */
|
||||
byte innerHashKeyed; /* keyed flag */
|
||||
} Hmac;
|
||||
|
||||
#endif /* HAVE_FIPS */
|
||||
|
||||
@@ -58,7 +58,7 @@
|
||||
#ifndef WOLFSSL_MEM_TRACK_H
|
||||
#define WOLFSSL_MEM_TRACK_H
|
||||
|
||||
#ifdef USE_WOLFSSL_MEMORY
|
||||
#if defined(USE_WOLFSSL_MEMORY) && !defined(WOLFSSL_STATIC_MEMORY)
|
||||
|
||||
#include "wolfssl/wolfcrypt/logging.h"
|
||||
|
||||
|
||||
+81
-10
@@ -42,15 +42,26 @@
|
||||
WOLFSSL_API void* wolfSSL_Malloc(size_t size, const char* func, unsigned int line);
|
||||
WOLFSSL_API void wolfSSL_Free(void *ptr, const char* func, unsigned int line);
|
||||
WOLFSSL_API void* wolfSSL_Realloc(void *ptr, size_t size, const char* func, unsigned int line);
|
||||
|
||||
#else
|
||||
#if defined(WOLFSSL_STATIC_MEMORY)
|
||||
typedef void *(*wolfSSL_Malloc_cb)(size_t size, void* heap, int type);
|
||||
typedef void (*wolfSSL_Free_cb)(void *ptr, void* heap, int type);
|
||||
typedef void *(*wolfSSL_Realloc_cb)(void *ptr, size_t size,
|
||||
void* heap, int type);
|
||||
WOLFSSL_API void* wolfSSL_Malloc(size_t size, void* heap, int type);
|
||||
WOLFSSL_API void wolfSSL_Free(void *ptr, void* heap, int type);
|
||||
WOLFSSL_API void* wolfSSL_Realloc(void *ptr, size_t size,
|
||||
void* heap, int type);
|
||||
#else
|
||||
typedef void *(*wolfSSL_Malloc_cb)(size_t size);
|
||||
typedef void (*wolfSSL_Free_cb)(void *ptr);
|
||||
typedef void *(*wolfSSL_Realloc_cb)(void *ptr, size_t size);
|
||||
|
||||
/* Public in case user app wants to use XMALLOC/XFREE */
|
||||
WOLFSSL_API void* wolfSSL_Malloc(size_t size);
|
||||
WOLFSSL_API void wolfSSL_Free(void *ptr);
|
||||
WOLFSSL_API void* wolfSSL_Realloc(void *ptr, size_t size);
|
||||
#endif
|
||||
#endif
|
||||
|
||||
/* Public set function */
|
||||
@@ -60,16 +71,76 @@ WOLFSSL_API int wolfSSL_SetAllocators(wolfSSL_Malloc_cb malloc_function,
|
||||
|
||||
#ifdef WOLFSSL_STATIC_MEMORY
|
||||
#define WOLFSSL_STATIC_TIMEOUT 1
|
||||
#define WC_STATIC_ALIGN 64
|
||||
#define WOLFSSL_STATIC_ALIGN 64
|
||||
#define WOLFMEM_MAX_BUCKETS 9
|
||||
#define WOLFMEM_DEF_BUCKETS 9 /* number of default memory blocks */
|
||||
#define WOLFMEM_IO_SZ 17000
|
||||
|
||||
WOLFSSL_API int wolfSSL_load_static_memory(byte* buffer, word32 sz);
|
||||
WOLFSSL_API int wolfSSL_unload_static_memory(byte* buffer, word32 sz,
|
||||
word32* amt);
|
||||
WOLFSSL_API int wolfSSL_use_static_memory(byte flag);
|
||||
WOLFSSL_API word32 wolfSSL_static_memory_inUse(void);
|
||||
WOLFSSL_LOCAL void* wolfSSL_Malloc_Static(size_t size);
|
||||
WOLFSSL_LOCAL void wolfSSL_Free_Static(void *ptr);
|
||||
WOLFSSL_LOCAL void* wolfSSL_Realloc_Static(void *ptr, size_t size);
|
||||
/* flags for loading static memory (one hot bit) */
|
||||
#define WOLFMEM_GENERAL 0x01
|
||||
#define WOLFMEM_IO_POOL 0x02
|
||||
#define WOLFMEM_IO_POOL_FIXED 0x04
|
||||
#define WOLFMEM_TRACK_STATS 0x08
|
||||
|
||||
|
||||
typedef struct WOLFSSL_MEM_CONN_STATS {
|
||||
word32 peakMem; /* peak memory usage */
|
||||
word32 curMem; /* current memory usage */
|
||||
word32 peakAlloc; /* peak memory allocations */
|
||||
word32 curAlloc; /* current memory allocations */
|
||||
word32 totalAlloc;/* total memory allocations for lifetime */
|
||||
word32 totalFr; /* total frees for lifetime */
|
||||
} WOLFSSL_MEM_CONN_STATS;
|
||||
|
||||
typedef struct WOLFSSL_MEM_STATS {
|
||||
word32 curAlloc; /* current memory allocations */
|
||||
word32 totalAlloc;/* total memory allocations for lifetime */
|
||||
word32 totalFr; /* total frees for lifetime */
|
||||
word32 totalUse; /* total amount of memory used in blocks */
|
||||
word32 avaIO; /* available IO specific pools */
|
||||
word32 maxHa; /* max number of concurent handshakes allowed */
|
||||
word32 maxIO; /* max number of concurent IO connections allowed */
|
||||
word32 blockSz[WOLFMEM_MAX_BUCKETS]; /* block sizes in stacks */
|
||||
word32 avaBlock[WOLFMEM_MAX_BUCKETS];/* ava block sizes */
|
||||
word32 usedBlock[WOLFMEM_MAX_BUCKETS];
|
||||
int flag; /* flag used */
|
||||
} WOLFSSL_MEM_STATS;
|
||||
|
||||
typedef struct wc_Memory wc_Memory; /* internal structure for mem bucket */
|
||||
typedef struct WOLFSSL_HEAP {
|
||||
wc_Memory* ava[WOLFMEM_MAX_BUCKETS];
|
||||
wc_Memory* io; /* list of buffers to use for IO */
|
||||
word32 maxHa; /* max concurent handshakes */
|
||||
word32 curHa;
|
||||
word32 maxIO; /* max concurrent IO connections */
|
||||
word32 curIO;
|
||||
word32 sizeList[WOLFMEM_MAX_BUCKETS];/* memory sizes in ava list */
|
||||
word32 distList[WOLFMEM_MAX_BUCKETS];/* general distribution */
|
||||
word32 inUse; /* amount of memory currently in use */
|
||||
word32 ioUse;
|
||||
word32 alloc; /* total number of allocs */
|
||||
word32 frAlc; /* total number of frees */
|
||||
int flag;
|
||||
wolfSSL_Mutex memory_mutex;
|
||||
} WOLFSSL_HEAP;
|
||||
|
||||
/* structure passed into XMALLOC as heap hint
|
||||
* having this abstraction allows tracking statistics of individual ssl's
|
||||
*/
|
||||
typedef struct WOLFSSL_HEAP_HINT {
|
||||
WOLFSSL_HEAP* memory;
|
||||
WOLFSSL_MEM_CONN_STATS* stats; /* hold individual connection stats */
|
||||
wc_Memory* outBuf; /* set if using fixed io buffers */
|
||||
wc_Memory* inBuf;
|
||||
} WOLFSSL_HEAP_HINT;
|
||||
|
||||
|
||||
WOLFSSL_LOCAL int wolfSSL_load_static_memory(byte* buffer, word32 sz,
|
||||
int flag, WOLFSSL_HEAP* heap);
|
||||
WOLFSSL_LOCAL int wolfSSL_GetMemStats(WOLFSSL_HEAP* heap,
|
||||
WOLFSSL_MEM_STATS* stats);
|
||||
WOLFSSL_LOCAL int SetFixedIO(WOLFSSL_HEAP* heap, wc_Memory** io);
|
||||
WOLFSSL_LOCAL int FreeFixedIO(WOLFSSL_HEAP* heap, wc_Memory** io);
|
||||
#endif /* WOLFSSL_STATIC_MEMORY */
|
||||
|
||||
#ifdef __cplusplus
|
||||
|
||||
@@ -79,6 +79,7 @@ typedef struct PKCS7 {
|
||||
int hashOID;
|
||||
int encryptOID; /* key encryption algorithm OID */
|
||||
|
||||
void* heap; /* heap hint for dynamic memory */
|
||||
byte* singleCert; /* recipient cert, DER, not owner */
|
||||
word32 singleCertSz; /* size of recipient cert buffer, bytes */
|
||||
byte issuerHash[KEYID_SIZE]; /* hash of all alt Names */
|
||||
@@ -96,14 +97,15 @@ typedef struct PKCS7 {
|
||||
} PKCS7;
|
||||
|
||||
|
||||
WOLFSSL_LOCAL int wc_PKCS7_SetHeap(PKCS7* pkcs7, void* heap);
|
||||
WOLFSSL_LOCAL int wc_SetContentType(int pkcs7TypeOID, byte* output);
|
||||
WOLFSSL_LOCAL int wc_GetContentType(const byte* input, word32* inOutIdx,
|
||||
word32* oid, word32 maxIdx);
|
||||
WOLFSSL_LOCAL int wc_CreateRecipientInfo(const byte* cert, word32 certSz,
|
||||
int keyEncAlgo, int blockKeySz,
|
||||
WC_RNG* rng, byte* contentKeyPlain,
|
||||
byte* contentKeyEnc,
|
||||
int* keyEncSz, byte* out, word32 outSz);
|
||||
byte* contentKeyEnc, int* keyEncSz,
|
||||
byte* out, word32 outSz, void* heap);
|
||||
|
||||
WOLFSSL_API int wc_PKCS7_InitWithCert(PKCS7* pkcs7, byte* cert, word32 certSz);
|
||||
WOLFSSL_API void wc_PKCS7_Free(PKCS7* pkcs7);
|
||||
|
||||
@@ -50,6 +50,9 @@ WOLFSSL_API int wc_PBKDF2(byte* output, const byte* passwd, int pLen,
|
||||
WOLFSSL_API int wc_PKCS12_PBKDF(byte* output, const byte* passwd, int pLen,
|
||||
const byte* salt, int sLen, int iterations,
|
||||
int kLen, int typeH, int purpose);
|
||||
WOLFSSL_API int wc_PKCS12_PBKDF_ex(byte* output, const byte* passwd,int passLen,
|
||||
const byte* salt, int saltLen, int iterations, int kLen,
|
||||
int hashType, int id, void* heap);
|
||||
|
||||
/* helper functions */
|
||||
WOLFSSL_LOCAL int GetDigestSize(int typeH);
|
||||
|
||||
@@ -49,12 +49,16 @@ typedef struct RabbitCtx {
|
||||
typedef struct Rabbit {
|
||||
RabbitCtx masterCtx;
|
||||
RabbitCtx workCtx;
|
||||
#ifdef XSTREAM_ALIGN
|
||||
void* heap; /* heap hint, currently XMALLOC only used with aligning */
|
||||
#endif
|
||||
} Rabbit;
|
||||
|
||||
|
||||
WOLFSSL_API int wc_RabbitProcess(Rabbit*, byte*, const byte*, word32);
|
||||
WOLFSSL_API int wc_RabbitSetKey(Rabbit*, const byte* key, const byte* iv);
|
||||
|
||||
WOLFSSL_LOCAL int wc_Rabbit_SetHeap(Rabbit* ctx, void* heap);
|
||||
|
||||
#ifdef __cplusplus
|
||||
} /* extern "C" */
|
||||
|
||||
@@ -88,6 +88,7 @@ struct DRBG; /* Private DRBG state */
|
||||
typedef struct WC_RNG {
|
||||
struct DRBG* drbg;
|
||||
OS_Seed seed;
|
||||
void* heap;
|
||||
byte status;
|
||||
} WC_RNG;
|
||||
|
||||
@@ -141,6 +142,7 @@ int wc_GenerateSeed(OS_Seed* os, byte* seed, word32 sz);
|
||||
|
||||
|
||||
WOLFSSL_API int wc_InitRng(WC_RNG*);
|
||||
WOLFSSL_API int wc_InitRng_ex(WC_RNG* rng, void* heap);
|
||||
WOLFSSL_API int wc_RNG_GenerateBlock(WC_RNG*, byte*, word32 sz);
|
||||
WOLFSSL_API int wc_RNG_GenerateByte(WC_RNG*, byte*);
|
||||
WOLFSSL_API int wc_FreeRng(WC_RNG*);
|
||||
|
||||
@@ -1244,6 +1244,18 @@ static char *fgets(char *buff, int sz, FILE *fp)
|
||||
#endif
|
||||
#endif /* WOLFSSL_LEANTLS*/
|
||||
|
||||
/* restriction with static memory */
|
||||
#ifdef WOLFSSL_STATIC_MEMORY
|
||||
#ifndef USE_FAST_MATH
|
||||
#error static memory requires fast math please define USE_FAST_MATH
|
||||
#endif
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
#error static memory does not support small stack please undefine
|
||||
#endif
|
||||
#ifndef TFM_TIMING_RESISTANT
|
||||
#error please define TFM_TIMING_RESISTANT with use of static memory
|
||||
#endif
|
||||
#endif /* WOLFSSL_STATIC_MEMORY */
|
||||
/* Place any other flags or defines here */
|
||||
|
||||
|
||||
|
||||
@@ -114,6 +114,7 @@ typedef struct Srp {
|
||||
/**< The default function used by this implementation is a modified */
|
||||
/**< version of t_mgf1 that uses the proper hash function according */
|
||||
/**< to srp->type. */
|
||||
void* heap; /**< heap hint pointer */
|
||||
} Srp;
|
||||
|
||||
/**
|
||||
|
||||
@@ -195,10 +195,14 @@
|
||||
&& !defined(WOLFSSL_uITRON4) && !defined(WOLFSSL_uTKERNEL2)
|
||||
/* default C runtime, can install different routines at runtime via cbs */
|
||||
#include <wolfssl/wolfcrypt/memory.h>
|
||||
#ifdef WOLFSSL_DEBUG_MEMORY
|
||||
#if defined(WOLFSSL_DEBUG_MEMORY) && !defined(WOLFSSL_STATIC_MEMORY)
|
||||
#define XMALLOC(s, h, t) ((void)h, (void)t, wolfSSL_Malloc((s), __func__, __LINE__))
|
||||
#define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp), __func__, __LINE__);}
|
||||
#define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n), __func__, __LINE__)
|
||||
#elif defined(WOLFSSL_STATIC_MEMORY)
|
||||
#define XMALLOC(s, h, t) wolfSSL_Malloc((s), (h), (t))
|
||||
#define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp), (h), (t));}
|
||||
#define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n), (h), (t))
|
||||
#else
|
||||
#define XMALLOC(s, h, t) ((void)h, (void)t, wolfSSL_Malloc((s)))
|
||||
#define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp));}
|
||||
@@ -330,7 +334,8 @@
|
||||
DYNAMIC_TYPE_URL = 54,
|
||||
DYNAMIC_TYPE_DTLS_FRAG = 55,
|
||||
DYNAMIC_TYPE_DTLS_BUFFER = 56,
|
||||
DYNAMIC_TYPE_SESSION_TICK = 57
|
||||
DYNAMIC_TYPE_SESSION_TICK = 57,
|
||||
DYNAMIC_TYPE_PKCS = 58
|
||||
};
|
||||
|
||||
/* max error buffer string size */
|
||||
|
||||
Reference in New Issue
Block a user