Merge pull request #1843 from dgarske/async_fixes

Fixes for wolfCrypt async use with TLS
This commit is contained in:
JacobBarthelmeh
2018-09-24 09:51:19 -06:00
committed by GitHub
10 changed files with 142 additions and 47 deletions
+82 -31
View File
@@ -5322,12 +5322,12 @@ void FreeHandshakeResources(WOLFSSL* ssl)
#endif
#if defined(WOLFSSL_TLS13)
#if !defined(WOLFSSL_POST_HANDSHAKE_AUTH)
|| ssl->options.tls1_3
|| ssl->options.tls1_3
#elif !defined(HAVE_SESSION_TICKET)
|| (ssl->options.tls1_3 && ssl->options.side == WOLFSSL_SERVER_END)
|| (ssl->options.tls1_3 && ssl->options.side == WOLFSSL_SERVER_END)
#endif
#endif
) {
) {
if (ssl->options.weOwnRng) {
wc_FreeRng(ssl->rng);
XFREE(ssl->rng, ssl->heap, DYNAMIC_TYPE_RNG);
@@ -10704,10 +10704,17 @@ static int DoHandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
!defined(NO_ED25519_CLIENT_AUTH)
if (ssl->options.resuming || !IsAtLeastTLSv1_2(ssl) ||
IsAtLeastTLSv1_3(ssl->version)) {
ssl->options.cacheMessages = 0;
if (ssl->hsHashes->messages != NULL) {
XFREE(ssl->hsHashes->messages, ssl->heap, DYNAMIC_TYPE_HASHES);
ssl->hsHashes->messages = NULL;
#if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLFSSL_NONBLOCK_OCSP)
if (ret != WC_PENDING_E && ret != OCSP_WANT_READ)
#endif
{
ssl->options.cacheMessages = 0;
if (ssl->hsHashes->messages != NULL) {
XFREE(ssl->hsHashes->messages, ssl->heap,
DYNAMIC_TYPE_HASHES);
ssl->hsHashes->messages = NULL;
}
}
}
#endif
@@ -10776,10 +10783,15 @@ static int DoHandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
!defined(NO_ED25519_CLIENT_AUTH)
if (ssl->options.resuming || !ssl->options.verifyPeer || \
!IsAtLeastTLSv1_2(ssl) || IsAtLeastTLSv1_3(ssl->version)) {
ssl->options.cacheMessages = 0;
if (ssl->hsHashes->messages != NULL) {
XFREE(ssl->hsHashes->messages, ssl->heap, DYNAMIC_TYPE_HASHES);
ssl->hsHashes->messages = NULL;
#if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLFSSL_NONBLOCK_OCSP)
if (ret != WC_PENDING_E && ret != OCSP_WANT_READ)
#endif
{
ssl->options.cacheMessages = 0;
if (ssl->hsHashes->messages != NULL) {
XFREE(ssl->hsHashes->messages, ssl->heap, DYNAMIC_TYPE_HASHES);
ssl->hsHashes->messages = NULL;
}
}
}
#endif
@@ -18075,7 +18087,7 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
}
ssl->buffers.serverDH_P.buffer = (byte*)XMALLOC(length,
ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY);
ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY);
if (ssl->buffers.serverDH_P.buffer) {
ssl->buffers.serverDH_P.length = length;
}
@@ -18102,7 +18114,7 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
}
ssl->buffers.serverDH_G.buffer = (byte*)XMALLOC(length,
ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY);
ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY);
if (ssl->buffers.serverDH_G.buffer) {
ssl->buffers.serverDH_G.length = length;
}
@@ -18129,7 +18141,7 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
}
ssl->buffers.serverDH_Pub.buffer = (byte*)XMALLOC(length,
ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY);
ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY);
if (ssl->buffers.serverDH_Pub.buffer) {
ssl->buffers.serverDH_Pub.length = length;
}
@@ -18480,11 +18492,15 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
args->sigSz = (word16)ret;
ret = 0;
}
/* peerRsaKey */
FreeKey(ssl, DYNAMIC_TYPE_RSA,
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret != WC_PENDING_E)
#endif
{
/* peerRsaKey */
FreeKey(ssl, DYNAMIC_TYPE_RSA,
(void**)&ssl->peerRsaKey);
ssl->peerRsaKeyPresent = 0;
ssl->peerRsaKeyPresent = 0;
}
break;
}
#endif /* !NO_RSA */
@@ -18503,10 +18519,15 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
#endif
);
/* peerEccDsaKey */
FreeKey(ssl, DYNAMIC_TYPE_ECC,
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret != WC_PENDING_E)
#endif
{
/* peerEccDsaKey */
FreeKey(ssl, DYNAMIC_TYPE_ECC,
(void**)&ssl->peerEccDsaKey);
ssl->peerEccDsaKeyPresent = 0;
ssl->peerEccDsaKeyPresent = 0;
}
break;
}
#endif /* HAVE_ECC */
@@ -18525,10 +18546,15 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
#endif
);
/* peerEccDsaKey */
FreeKey(ssl, DYNAMIC_TYPE_ED25519,
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret != WC_PENDING_E)
#endif
{
/* peerEccDsaKey */
FreeKey(ssl, DYNAMIC_TYPE_ED25519,
(void**)&ssl->peerEd25519Key);
ssl->peerEd25519KeyPresent = 0;
ssl->peerEd25519KeyPresent = 0;
}
break;
}
#endif /* HAVE_ED25519 */
@@ -19777,7 +19803,11 @@ int SendClientKeyExchange(WOLFSSL* ssl)
&ssl->arrays->preMasterSz,
WOLFSSL_CLIENT_END
);
if (ret == 0 && !ssl->specs.static_ecdh) {
if (!ssl->specs.static_ecdh
#ifdef WOLFSSL_ASYNC_CRYPT
&& ret != WC_PENDING_E
#endif
) {
FreeKey(ssl, DYNAMIC_TYPE_CURVE25519,
(void**)&ssl->peerX25519Key);
ssl->peerX25519KeyPresent = 0;
@@ -19792,7 +19822,10 @@ int SendClientKeyExchange(WOLFSSL* ssl)
&ssl->arrays->preMasterSz,
WOLFSSL_CLIENT_END
);
if (ret == 0) {
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret != WC_PENDING_E)
#endif
{
FreeKey(ssl, DYNAMIC_TYPE_ECC,
(void**)&ssl->peerEccKey);
ssl->peerEccKeyPresent = 0;
@@ -19842,7 +19875,11 @@ int SendClientKeyExchange(WOLFSSL* ssl)
&ssl->arrays->preMasterSz,
WOLFSSL_CLIENT_END
);
if (ret == 0 && !ssl->specs.static_ecdh) {
if (!ssl->specs.static_ecdh
#ifdef WOLFSSL_ASYNC_CRYPT
&& ret != WC_PENDING_E
#endif
) {
FreeKey(ssl, DYNAMIC_TYPE_CURVE25519,
(void**)&ssl->peerX25519Key);
ssl->peerX25519KeyPresent = 0;
@@ -19861,7 +19898,11 @@ int SendClientKeyExchange(WOLFSSL* ssl)
&ssl->arrays->preMasterSz,
WOLFSSL_CLIENT_END
);
if (ret == 0 && !ssl->specs.static_ecdh) {
if (!ssl->specs.static_ecdh
#ifdef WOLFSSL_ASYNC_CRYPT
&& ret != WC_PENDING_E
#endif
) {
FreeKey(ssl, DYNAMIC_TYPE_ECC,
(void**)&ssl->peerEccKey);
ssl->peerEccKeyPresent = 0;
@@ -25105,7 +25146,10 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
&ssl->arrays->preMasterSz,
WOLFSSL_SERVER_END
);
if (ret == 0) {
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret != WC_PENDING_E)
#endif
{
FreeKey(ssl, DYNAMIC_TYPE_ECC,
(void**)&ssl->peerEccKey);
ssl->peerEccKeyPresent = 0;
@@ -25154,7 +25198,10 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
&args->sigSz,
WOLFSSL_SERVER_END
);
if (ret == 0) {
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret != WC_PENDING_E)
#endif
{
FreeKey(ssl, DYNAMIC_TYPE_CURVE25519,
(void**)&ssl->peerX25519Key);
ssl->peerX25519KeyPresent = 0;
@@ -25170,7 +25217,11 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
&args->sigSz,
WOLFSSL_SERVER_END
);
if (ret == 0 && !ssl->specs.static_ecdh) {
if (!ssl->specs.static_ecdh
#ifdef WOLFSSL_ASYNC_CRYPT
&& ret != WC_PENDING_E
#endif
) {
FreeKey(ssl, DYNAMIC_TYPE_ECC,
(void**)&ssl->peerEccKey);
ssl->peerEccKeyPresent = 0;
+12
View File
@@ -339,7 +339,11 @@ static int PRF(byte* digest, word32 digLen, const byte* secret, word32 secLen,
int ret = 0;
if (useAtLeastSha256) {
#ifndef WC_ASYNC_NO_HASH
DECLARE_VAR(labelSeed, byte, MAX_PRF_LABSEED, heap);
#else
byte labelSeed[MAX_PRF_LABSEED];
#endif
if (labLen + seedLen > MAX_PRF_LABSEED)
return BUFFER_E;
@@ -354,7 +358,9 @@ static int PRF(byte* digest, word32 digLen, const byte* secret, word32 secLen,
ret = p_hash(digest, digLen, secret, secLen, labelSeed,
labLen + seedLen, hash_type, heap, devId);
#ifndef WC_ASYNC_NO_HASH
FREE_VAR(labelSeed, heap);
#endif
}
#ifndef NO_OLD_TLS
else {
@@ -517,7 +523,11 @@ static int _DeriveTlsKeys(byte* key_dig, word32 key_dig_len,
void* heap, int devId)
{
int ret;
#ifndef WC_ASYNC_NO_HASH
DECLARE_VAR(seed, byte, SEED_LEN, heap);
#else
byte seed[SEED_LEN];
#endif
XMEMCPY(seed, sr, RAN_LEN);
XMEMCPY(seed + RAN_LEN, cr, RAN_LEN);
@@ -525,7 +535,9 @@ static int _DeriveTlsKeys(byte* key_dig, word32 key_dig_len,
ret = PRF(key_dig, key_dig_len, ms, msLen, key_label, KEY_LABEL_SZ,
seed, SEED_LEN, tls1_2, hash_type, heap, devId);
#ifndef WC_ASYNC_NO_HASH
FREE_VAR(seed, heap);
#endif
return ret;
}
+7 -5
View File
@@ -5362,7 +5362,13 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
(RsaKey*)ssl->hsKey,
ssl->buffers.key
);
args->length = (word16)args->sigLen;
if (ret == 0) {
args->length = (word16)args->sigLen;
XMEMCPY(args->sigData,
args->verify + HASH_SIG_SIZE + VERIFY_HEADER,
args->sigLen);
}
}
#endif /* !NO_RSA */
@@ -5383,10 +5389,6 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
{
#ifndef NO_RSA
if (ssl->hsType == DYNAMIC_TYPE_RSA) {
XMEMCPY(args->sigData,
args->verify + HASH_SIG_SIZE + VERIFY_HEADER,
args->sigLen);
/* check for signature faults */
ret = VerifyRsaSign(ssl, args->sigData, args->sigLen,
sig->buffer, sig->length, args->sigAlgo,
+5 -1
View File
@@ -35,7 +35,11 @@
#define MAX_ARGS 40
#define MAX_COMMAND_SZ 240
#define MAX_SUITE_SZ 80
#ifdef WOLFSSL_TLS13
#define MAX_SUITE_SZ 200
#else
#define MAX_SUITE_SZ 80
#endif
#define NOT_BUILT_IN -123
#if defined(NO_OLD_TLS) || !defined(WOLFSSL_ALLOW_SSLV3) || \
!defined(WOLFSSL_ALLOW_TLSV10)
+2 -2
View File
@@ -131,7 +131,7 @@ void* wolfSSL_Malloc(size_t size)
}
#ifdef WOLFSSL_DEBUG_MEMORY
#ifdef WOLFSSL_DEBUG_MEMORY_PRINT
#if defined(WOLFSSL_DEBUG_MEMORY_PRINT) && !defined(WOLFSSL_TRACK_MEMORY)
printf("Alloc: %p -> %u at %s:%d\n", res, (word32)size, func, line);
#else
(void)func;
@@ -172,7 +172,7 @@ void wolfSSL_Free(void *ptr)
#endif
{
#ifdef WOLFSSL_DEBUG_MEMORY
#ifdef WOLFSSL_DEBUG_MEMORY_PRINT
#if defined(WOLFSSL_DEBUG_MEMORY_PRINT) && !defined(WOLFSSL_TRACK_MEMORY)
printf("Free: %p at %s:%d\n", ptr, func, line);
#else
(void)func;
+24
View File
@@ -301,7 +301,11 @@ static int Hash_df(DRBG* drbg, byte* out, word32 outSz, byte type,
#else
wc_Sha256 sha[1];
#endif
#ifdef WC_ASYNC_ENABLE_SHA256
DECLARE_VAR(digest, byte, WC_SHA256_DIGEST_SIZE, drbg->heap);
#else
byte digest[WC_SHA256_DIGEST_SIZE];
#endif
(void)drbg;
#ifdef WOLFSSL_ASYNC_CRYPT
@@ -362,7 +366,9 @@ static int Hash_df(DRBG* drbg, byte* out, word32 outSz, byte type,
ForceZero(digest, WC_SHA256_DIGEST_SIZE);
#ifdef WC_ASYNC_ENABLE_SHA256
FREE_VAR(digest, drbg->heap);
#endif
return (ret == 0) ? DRBG_SUCCESS : DRBG_FAILURE;
}
@@ -427,7 +433,11 @@ static int Hash_gen(DRBG* drbg, byte* out, word32 outSz, const byte* V)
#else
wc_Sha256 sha[1];
#endif
#ifdef WC_ASYNC_ENABLE_SHA256
DECLARE_VAR(digest, byte, WC_SHA256_DIGEST_SIZE, drbg->heap);
#else
byte digest[WC_SHA256_DIGEST_SIZE];
#endif
/* Special case: outSz is 0 and out is NULL. wc_Generate a block to save for
* the continuous test. */
@@ -487,7 +497,9 @@ static int Hash_gen(DRBG* drbg, byte* out, word32 outSz, const byte* V)
}
ForceZero(data, sizeof(data));
#ifdef WC_ASYNC_ENABLE_SHA256
FREE_VAR(digest, drbg->heap);
#endif
return (ret == 0) ? DRBG_SUCCESS : DRBG_FAILURE;
}
@@ -529,7 +541,11 @@ static int Hash_DRBG_Generate(DRBG* drbg, byte* out, word32 outSz)
if (drbg->reseedCtr == RESEED_INTERVAL) {
return DRBG_NEED_RESEED;
} else {
#ifdef WC_ASYNC_ENABLE_SHA256
DECLARE_VAR(digest, byte, WC_SHA256_DIGEST_SIZE, drbg->heap);
#else
byte digest[WC_SHA256_DIGEST_SIZE];
#endif
type = drbgGenerateH;
reseedCtr = drbg->reseedCtr;
@@ -566,7 +582,9 @@ static int Hash_DRBG_Generate(DRBG* drbg, byte* out, word32 outSz)
drbg->reseedCtr++;
}
ForceZero(digest, WC_SHA256_DIGEST_SIZE);
#ifdef WC_ASYNC_ENABLE_SHA256
FREE_VAR(digest, drbg->heap);
#endif
}
return (ret == 0) ? DRBG_SUCCESS : DRBG_FAILURE;
@@ -718,7 +736,11 @@ static int _InitRng(WC_RNG* rng, byte* nonce, word32 nonceSz,
seedSz = MAX_SEED_SZ;
if (wc_RNG_HealthTestLocal(0) == 0) {
#ifdef WC_ASYNC_ENABLE_SHA256
DECLARE_VAR(seed, byte, MAX_SEED_SZ, rng->heap);
#else
byte seed[MAX_SEED_SZ];
#endif
rng->drbg =
(struct DRBG*)XMALLOC(sizeof(DRBG), rng->heap,
@@ -743,7 +765,9 @@ static int _InitRng(WC_RNG* rng, byte* nonce, word32 nonceSz,
}
ForceZero(seed, seedSz);
#ifdef WC_ASYNC_ENABLE_SHA256
FREE_VAR(seed, rng->heap);
#endif
}
else
ret = DRBG_CONT_FAILURE;
+2 -2
View File
@@ -97,7 +97,7 @@ int get_rand_digit(WC_RNG* rng, mp_digit* d)
int mp_rand(mp_int* a, int digits, WC_RNG* rng)
{
int ret = 0;
DECLARE_VAR(d, mp_digit, 1, rng->heap);
DECLARE_VAR(d, mp_digit, 1, rng ? rng->heap : NULL);
if (rng == NULL) {
ret = MISSING_RNG_E; goto exit;
@@ -141,7 +141,7 @@ int mp_rand(mp_int* a, int digits, WC_RNG* rng)
}
exit:
FREE_VAR(d, rng->heap);
FREE_VAR(d, rng ? rng->heap : NULL);
return ret;
}
+2
View File
@@ -15616,6 +15616,7 @@ static int ecc_test_curve(WC_RNG* rng, int keySize)
return 0;
}
#if !defined(NO_ECC256) || defined(HAVE_ALL_CURVES)
#if !defined(WOLFSSL_ATECC508A) && defined(HAVE_ECC_KEY_IMPORT) && \
defined(HAVE_ECC_KEY_EXPORT)
static int ecc_point_test(void)
@@ -16115,6 +16116,7 @@ done:
wc_ecc_free(&key);
return ret;
}
#endif /* !NO_ECC256 || HAVE_ALL_CURVES */
#ifdef WOLFSSL_CERT_EXT
static int ecc_decode_test(void)
+1 -1
View File
@@ -104,7 +104,7 @@
typedef struct memoryList {
memHint* head;
memHint* tail;
uint32_t count;
word32 count;
} memoryList;
#endif
+5 -5
View File
@@ -282,10 +282,10 @@
/* declare/free variable handling for async */
#ifdef WOLFSSL_ASYNC_CRYPT
#define DECLARE_VAR(VAR_NAME, VAR_TYPE, VAR_SIZE, HEAP) \
VAR_TYPE* VAR_NAME = (VAR_TYPE*)XMALLOC(sizeof(VAR_TYPE) * VAR_SIZE, HEAP, DYNAMIC_TYPE_WOLF_BIGINT);
VAR_TYPE* VAR_NAME = (VAR_TYPE*)XMALLOC(sizeof(VAR_TYPE) * VAR_SIZE, (HEAP), DYNAMIC_TYPE_WOLF_BIGINT);
#define DECLARE_VAR_INIT(VAR_NAME, VAR_TYPE, VAR_SIZE, INIT_VALUE, HEAP) \
VAR_TYPE* VAR_NAME = ({ \
VAR_TYPE* ptr = (VAR_TYPE*)XMALLOC(sizeof(VAR_TYPE) * VAR_SIZE, HEAP, DYNAMIC_TYPE_WOLF_BIGINT); \
VAR_TYPE* ptr = (VAR_TYPE*)XMALLOC(sizeof(VAR_TYPE) * VAR_SIZE, (HEAP), DYNAMIC_TYPE_WOLF_BIGINT); \
if (ptr && INIT_VALUE) { \
XMEMCPY(ptr, INIT_VALUE, sizeof(VAR_TYPE) * VAR_SIZE); \
} \
@@ -295,13 +295,13 @@
VAR_TYPE* VAR_NAME[VAR_ITEMS]; \
int idx##VAR_NAME; \
for (idx##VAR_NAME=0; idx##VAR_NAME<VAR_ITEMS; idx##VAR_NAME++) { \
VAR_NAME[idx##VAR_NAME] = (VAR_TYPE*)XMALLOC(VAR_SIZE, HEAP, DYNAMIC_TYPE_WOLF_BIGINT); \
VAR_NAME[idx##VAR_NAME] = (VAR_TYPE*)XMALLOC(VAR_SIZE, (HEAP), DYNAMIC_TYPE_WOLF_BIGINT); \
}
#define FREE_VAR(VAR_NAME, HEAP) \
XFREE(VAR_NAME, HEAP, DYNAMIC_TYPE_WOLF_BIGINT);
XFREE(VAR_NAME, (HEAP), DYNAMIC_TYPE_WOLF_BIGINT);
#define FREE_ARRAY(VAR_NAME, VAR_ITEMS, HEAP) \
for (idx##VAR_NAME=0; idx##VAR_NAME<VAR_ITEMS; idx##VAR_NAME++) { \
XFREE(VAR_NAME[idx##VAR_NAME], HEAP, DYNAMIC_TYPE_WOLF_BIGINT); \
XFREE(VAR_NAME[idx##VAR_NAME], (HEAP), DYNAMIC_TYPE_WOLF_BIGINT); \
}
#else
#define DECLARE_VAR(VAR_NAME, VAR_TYPE, VAR_SIZE, HEAP) \