mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-05 09:00:51 +02:00
src/ssl_api_pk.c: fix -Wmaybe-uninitialized in check_cert_key_dev() (defect introduced in #9723);
wolfcrypt/test/test.c: fix error-path memory leaks in srtpkdf_test(), and properly gate out incompatible SRTP_KDF_LONG_KEY test on old FIPS (defect introduced in #9733); .wolfssl_known_macro_extras: get into lexical order and remove unneeded WC_RSA_DIRECT.
This commit is contained in:
@@ -36,7 +36,6 @@ BLAKE2B_SELFTEST
|
||||
BLAKE2S_SELFTEST
|
||||
BLOCKING
|
||||
BSDKM_EXPORT_SYMS
|
||||
ENABLED_BSDKM_REGISTER
|
||||
BSP_DEFAULT_IO_CHANNEL_DEFINED
|
||||
BSP_LED_0
|
||||
BSP_LED_1
|
||||
@@ -215,6 +214,7 @@ DTLS_RECEIVEFROM_NO_TIMEOUT_ON_INVALID_PEER
|
||||
ECCSI_ORDER_MORE_BITS_THAN_PRIME
|
||||
ECC_DUMP_OID
|
||||
ECDHE_SIZE
|
||||
ENABLED_BSDKM_REGISTER
|
||||
ENABLE_SECURE_SOCKETS_LOGS
|
||||
ESP32
|
||||
ESP8266
|
||||
@@ -281,10 +281,10 @@ HAVE_INTEL_QAT_SYNC
|
||||
HAVE_INTEL_SPEEDUP
|
||||
HAVE_MDK_RTX
|
||||
HAVE_NETX_BSD
|
||||
HAVE_PKCS7_ECC_RAW_SIGN_CALLBACK
|
||||
HAVE_PKCS7_RSA_RAW_SIGN_CALLBACK
|
||||
HAVE_PKCS11_STATIC
|
||||
HAVE_PKCS11_V3_STATIC
|
||||
HAVE_PKCS7_ECC_RAW_SIGN_CALLBACK
|
||||
HAVE_PKCS7_RSA_RAW_SIGN_CALLBACK
|
||||
HAVE_POCO_LIB
|
||||
HAVE_RTP_SYS
|
||||
HAVE_SECURE_GETENV
|
||||
@@ -636,7 +636,6 @@ WC_NO_VERBOSE_RNG
|
||||
WC_PKCS11_FIND_WITH_ID_ONLY
|
||||
WC_PROTECT_ENCRYPTED_MEM
|
||||
WC_RNG_BLOCKING
|
||||
WC_RSA_DIRECT
|
||||
WC_RSA_NONBLOCK
|
||||
WC_RSA_NONBLOCK_TIME
|
||||
WC_RSA_NO_FERMAT_CHECK
|
||||
|
||||
+15
-17
@@ -51,7 +51,7 @@ static int check_cert_key_dev(word32 keyOID, byte* privKey, word32 privSz,
|
||||
const byte* pubKey, word32 pubSz, int label, int id, void* heap, int devId)
|
||||
{
|
||||
int ret = 0;
|
||||
int type;
|
||||
int type = 0;
|
||||
void *pkey = NULL;
|
||||
|
||||
if (privKey == NULL) {
|
||||
@@ -84,14 +84,12 @@ static int check_cert_key_dev(word32 keyOID, byte* privKey, word32 privSz,
|
||||
type = DYNAMIC_TYPE_DILITHIUM;
|
||||
break;
|
||||
#endif
|
||||
#if defined(HAVE_FALCON)
|
||||
#if defined(HAVE_FALCON)
|
||||
case FALCON_LEVEL1k:
|
||||
case FALCON_LEVEL5k:
|
||||
type = DYNAMIC_TYPE_FALCON;
|
||||
break;
|
||||
#endif
|
||||
default:
|
||||
type = 0;
|
||||
#endif
|
||||
}
|
||||
|
||||
ret = CreateDevPrivateKey(&pkey, privKey, privSz, type, label, id, heap,
|
||||
@@ -108,12 +106,12 @@ static int check_cert_key_dev(word32 keyOID, byte* privKey, word32 privSz,
|
||||
ret = wc_CryptoCb_RsaCheckPrivKey((RsaKey*)pkey, pubKey, pubSz);
|
||||
break;
|
||||
#endif
|
||||
#ifdef HAVE_ECC
|
||||
#ifdef HAVE_ECC
|
||||
case ECDSAk:
|
||||
ret = wc_CryptoCb_EccCheckPrivKey((ecc_key*)pkey, pubKey,
|
||||
pubSz);
|
||||
break;
|
||||
#endif
|
||||
#endif
|
||||
#if defined(HAVE_DILITHIUM)
|
||||
case ML_DSA_LEVEL2k:
|
||||
case ML_DSA_LEVEL3k:
|
||||
@@ -127,13 +125,13 @@ static int check_cert_key_dev(word32 keyOID, byte* privKey, word32 privSz,
|
||||
WC_PQC_SIG_TYPE_DILITHIUM, pubKey, pubSz);
|
||||
break;
|
||||
#endif
|
||||
#if defined(HAVE_FALCON)
|
||||
#if defined(HAVE_FALCON)
|
||||
case FALCON_LEVEL1k:
|
||||
case FALCON_LEVEL5k:
|
||||
ret = wc_CryptoCb_PqcSignatureCheckPrivKey(pkey,
|
||||
WC_PQC_SIG_TYPE_FALCON, pubKey, pubSz);
|
||||
break;
|
||||
#endif
|
||||
#endif
|
||||
default:
|
||||
ret = 0;
|
||||
}
|
||||
@@ -146,31 +144,31 @@ static int check_cert_key_dev(word32 keyOID, byte* privKey, word32 privSz,
|
||||
#endif
|
||||
|
||||
switch (keyOID) {
|
||||
#ifndef NO_RSA
|
||||
#ifndef NO_RSA
|
||||
case RSAk:
|
||||
#ifdef WC_RSA_PSS
|
||||
#ifdef WC_RSA_PSS
|
||||
case RSAPSSk:
|
||||
#endif
|
||||
#endif
|
||||
wc_FreeRsaKey((RsaKey*)pkey);
|
||||
break;
|
||||
#endif
|
||||
#endif
|
||||
#ifdef HAVE_ECC
|
||||
case ECDSAk:
|
||||
wc_ecc_free((ecc_key*)pkey);
|
||||
break;
|
||||
#endif
|
||||
#if defined(HAVE_DILITHIUM)
|
||||
#if defined(HAVE_DILITHIUM)
|
||||
case ML_DSA_LEVEL2k:
|
||||
case ML_DSA_LEVEL3k:
|
||||
case ML_DSA_LEVEL5k:
|
||||
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
|
||||
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
|
||||
case DILITHIUM_LEVEL2k:
|
||||
case DILITHIUM_LEVEL3k:
|
||||
case DILITHIUM_LEVEL5k:
|
||||
#endif
|
||||
#endif
|
||||
wc_dilithium_free((dilithium_key*)pkey);
|
||||
break;
|
||||
#endif
|
||||
#endif
|
||||
#if defined(HAVE_FALCON)
|
||||
case FALCON_LEVEL1k:
|
||||
case FALCON_LEVEL5k:
|
||||
|
||||
+66
-59
@@ -31783,7 +31783,10 @@ typedef struct Srtp_Kdf_Tv {
|
||||
word32 ksSz;
|
||||
} Srtp_Kdf_Tv;
|
||||
|
||||
#define SRTP_KDF_LONG_KEY 5000
|
||||
#if !defined(BENCH_EMBEDDED) && !defined(HAVE_SELFTEST) && \
|
||||
(!defined(HAVE_FIPS) || FIPS_VERSION3_GE(7,0,0))
|
||||
#define SRTP_KDF_LONG_KEY 5000
|
||||
#endif
|
||||
|
||||
WOLFSSL_TEST_SUBROUTINE wc_test_ret_t srtpkdf_test(void)
|
||||
{
|
||||
@@ -32036,13 +32039,13 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t srtpkdf_test(void)
|
||||
unsigned char keyE[32];
|
||||
unsigned char keyA[20];
|
||||
unsigned char keyS[14];
|
||||
#ifndef BENCH_EMBEDDED
|
||||
#ifdef SRTP_KDF_LONG_KEY
|
||||
WC_DECLARE_VAR(keyELong, byte, SRTP_KDF_LONG_KEY, HEAP_HINT);
|
||||
WC_DECLARE_VAR(keyALong, byte, SRTP_KDF_LONG_KEY, HEAP_HINT);
|
||||
WC_DECLARE_VAR(keySLong, byte, SRTP_KDF_LONG_KEY, HEAP_HINT);
|
||||
#endif
|
||||
|
||||
#ifndef BENCH_EMBEDDED
|
||||
#ifdef SRTP_KDF_LONG_KEY
|
||||
WC_ALLOC_VAR(keyELong, byte, SRTP_KDF_LONG_KEY, HEAP_HINT);
|
||||
WC_ALLOC_VAR(keyALong, byte, SRTP_KDF_LONG_KEY, HEAP_HINT);
|
||||
WC_ALLOC_VAR(keySLong, byte, SRTP_KDF_LONG_KEY, HEAP_HINT);
|
||||
@@ -32071,73 +32074,73 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t srtpkdf_test(void)
|
||||
tv[i].kdfIdx, tv[i].index, keyE, tv[i].keSz, keyA, tv[i].kaSz,
|
||||
keyS, tv[i].ksSz);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
if (XMEMCMP(keyE, tv[i].ke, tv[i].keSz) != 0)
|
||||
return WC_TEST_RET_ENC_NC;
|
||||
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
|
||||
if (XMEMCMP(keyA, tv[i].ka, tv[i].kaSz) != 0)
|
||||
return WC_TEST_RET_ENC_NC;
|
||||
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
|
||||
if (XMEMCMP(keyS, tv[i].ks, tv[i].ksSz) != 0)
|
||||
return WC_TEST_RET_ENC_NC;
|
||||
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
|
||||
|
||||
ret = wc_SRTP_KDF_label(tv[i].key, tv[i].keySz, tv[i].salt,
|
||||
tv[i].saltSz, tv[i].kdfIdx, tv[i].index, WC_SRTP_LABEL_ENCRYPTION,
|
||||
keyE, tv[i].keSz);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
if (XMEMCMP(keyE, tv[i].ke, tv[i].keSz) != 0)
|
||||
return WC_TEST_RET_ENC_NC;
|
||||
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
|
||||
|
||||
ret = wc_SRTP_KDF_label(tv[i].key, tv[i].keySz, tv[i].salt,
|
||||
tv[i].saltSz, tv[i].kdfIdx, tv[i].index, WC_SRTP_LABEL_MSG_AUTH,
|
||||
keyA, tv[i].kaSz);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
if (XMEMCMP(keyA, tv[i].ka, tv[i].kaSz) != 0)
|
||||
return WC_TEST_RET_ENC_NC;
|
||||
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
|
||||
|
||||
ret = wc_SRTP_KDF_label(tv[i].key, tv[i].keySz, tv[i].salt,
|
||||
tv[i].saltSz, tv[i].kdfIdx, tv[i].index, WC_SRTP_LABEL_SALT, keyS,
|
||||
tv[i].ksSz);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
if (XMEMCMP(keyS, tv[i].ks, tv[i].ksSz) != 0)
|
||||
return WC_TEST_RET_ENC_NC;
|
||||
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
|
||||
|
||||
ret = wc_SRTCP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz,
|
||||
tv[i].kdfIdx, tv[i].index_c, keyE, tv[i].keSz, keyA, tv[i].kaSz,
|
||||
keyS, tv[i].ksSz);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
if (XMEMCMP(keyE, tv[i].ke_c, tv[i].keSz) != 0)
|
||||
return WC_TEST_RET_ENC_NC;
|
||||
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
|
||||
if (XMEMCMP(keyA, tv[i].ka_c, tv[i].kaSz) != 0)
|
||||
return WC_TEST_RET_ENC_NC;
|
||||
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
|
||||
if (XMEMCMP(keyS, tv[i].ks_c, tv[i].ksSz) != 0)
|
||||
return WC_TEST_RET_ENC_NC;
|
||||
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
|
||||
|
||||
ret = wc_SRTCP_KDF_label(tv[i].key, tv[i].keySz, tv[i].salt,
|
||||
tv[i].saltSz, tv[i].kdfIdx, tv[i].index_c,
|
||||
WC_SRTCP_LABEL_ENCRYPTION, keyE, tv[i].keSz);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
if (XMEMCMP(keyE, tv[i].ke_c, tv[i].keSz) != 0)
|
||||
return WC_TEST_RET_ENC_NC;
|
||||
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
|
||||
|
||||
ret = wc_SRTCP_KDF_label(tv[i].key, tv[i].keySz, tv[i].salt,
|
||||
tv[i].saltSz, tv[i].kdfIdx, tv[i].index_c, WC_SRTCP_LABEL_MSG_AUTH,
|
||||
keyA, tv[i].kaSz);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
if (XMEMCMP(keyA, tv[i].ka_c, tv[i].kaSz) != 0)
|
||||
return WC_TEST_RET_ENC_NC;
|
||||
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
|
||||
|
||||
ret = wc_SRTCP_KDF_label(tv[i].key, tv[i].keySz, tv[i].salt,
|
||||
tv[i].saltSz, tv[i].kdfIdx, tv[i].index_c, WC_SRTCP_LABEL_SALT,
|
||||
keyS, tv[i].ksSz);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
if (XMEMCMP(keyS, tv[i].ks_c, tv[i].ksSz) != 0)
|
||||
return WC_TEST_RET_ENC_NC;
|
||||
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
|
||||
}
|
||||
|
||||
#ifdef WOLFSSL_AES_128
|
||||
@@ -32151,115 +32154,115 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t srtpkdf_test(void)
|
||||
tv[i].kdfIdx, tv[i].index, keyE, tv[i].keSz, keyA, tv[i].kaSz,
|
||||
keyS, tv[i].ksSz);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
ret = wc_SRTCP_KDF(tv[i].key, 33, tv[i].salt, tv[i].saltSz,
|
||||
tv[i].kdfIdx, tv[i].index_c, keyE, tv[i].keSz, keyA, tv[i].kaSz,
|
||||
keyS, tv[i].ksSz);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
|
||||
ret = wc_SRTP_KDF(tv[i].key, 15, tv[i].salt, tv[i].saltSz,
|
||||
tv[i].kdfIdx, tv[i].index, keyE, tv[i].keSz, keyA, tv[i].kaSz,
|
||||
keyS, tv[i].ksSz);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
ret = wc_SRTCP_KDF(tv[i].key, 15, tv[i].salt, tv[i].saltSz,
|
||||
tv[i].kdfIdx, tv[i].index_c, keyE, tv[i].keSz, keyA, tv[i].kaSz,
|
||||
keyS, tv[i].ksSz);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
|
||||
ret = wc_SRTP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, 15,
|
||||
tv[i].kdfIdx, tv[i].index, keyE, tv[i].keSz, keyA, tv[i].kaSz,
|
||||
keyS, tv[i].ksSz);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
ret = wc_SRTCP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, 15,
|
||||
tv[i].kdfIdx, tv[i].index_c, keyE, tv[i].keSz, keyA, tv[i].kaSz,
|
||||
keyS, tv[i].ksSz);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
|
||||
ret = wc_SRTP_KDF(NULL, tv[i].keySz, tv[i].salt, tv[i].saltSz,
|
||||
tv[i].kdfIdx, tv[i].index, keyE, tv[i].keSz, keyA, tv[i].kaSz,
|
||||
keyS, tv[i].ksSz);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
ret = wc_SRTCP_KDF(NULL, tv[i].keySz, tv[i].salt, tv[i].saltSz,
|
||||
tv[i].kdfIdx, tv[i].index_c, keyE, tv[i].keSz, keyA, tv[i].kaSz,
|
||||
keyS, tv[i].ksSz);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
|
||||
ret = wc_SRTP_KDF(tv[i].key, tv[i].keySz, NULL, tv[i].saltSz,
|
||||
tv[i].kdfIdx, tv[i].index, keyE, tv[i].keSz, keyA, tv[i].kaSz,
|
||||
keyS, tv[i].ksSz);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
ret = wc_SRTCP_KDF(tv[i].key, tv[i].keySz, NULL, tv[i].saltSz,
|
||||
tv[i].kdfIdx, tv[i].index_c, keyE, tv[i].keSz, keyA, tv[i].kaSz,
|
||||
keyS, tv[i].ksSz);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
|
||||
ret = wc_SRTP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz,
|
||||
25, tv[i].index, keyE, tv[i].keSz, keyA, tv[i].kaSz,
|
||||
keyS, tv[i].ksSz);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
ret = wc_SRTCP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz,
|
||||
25, tv[i].index_c, keyE, tv[i].keSz, keyA, tv[i].kaSz,
|
||||
keyS, tv[i].ksSz);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
|
||||
ret = wc_SRTP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz,
|
||||
-2, tv[i].index, keyE, tv[i].keSz, keyA, tv[i].kaSz,
|
||||
keyS, tv[i].ksSz);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
ret = wc_SRTCP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz,
|
||||
-2, tv[i].index_c, keyE, tv[i].keSz, keyA, tv[i].kaSz,
|
||||
keyS, tv[i].ksSz);
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
|
||||
ret = wc_SRTP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz,
|
||||
tv[i].kdfIdx, tv[i].index, NULL, tv[i].keSz, keyA, tv[i].kaSz,
|
||||
keyS, tv[i].ksSz);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
ret = wc_SRTCP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz,
|
||||
tv[i].kdfIdx, tv[i].index_c, NULL, tv[i].keSz, keyA, tv[i].kaSz,
|
||||
keyS, tv[i].ksSz);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
|
||||
ret = wc_SRTP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz,
|
||||
tv[i].kdfIdx, tv[i].index, keyE, tv[i].keSz, NULL, tv[i].kaSz,
|
||||
keyS, tv[i].ksSz);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
ret = wc_SRTCP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz,
|
||||
tv[i].kdfIdx, tv[i].index_c, keyE, tv[i].keSz, NULL, tv[i].kaSz,
|
||||
keyS, tv[i].ksSz);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
|
||||
ret = wc_SRTP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz,
|
||||
tv[i].kdfIdx, tv[i].index, keyE, tv[i].keSz, keyA, tv[i].kaSz,
|
||||
NULL, tv[i].ksSz);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
ret = wc_SRTCP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz,
|
||||
tv[i].kdfIdx, tv[i].index_c, keyE, tv[i].keSz, keyA, tv[i].kaSz,
|
||||
NULL, tv[i].ksSz);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
|
||||
idx = wc_SRTP_KDF_kdr_to_idx(0);
|
||||
if (idx != -1)
|
||||
return WC_TEST_RET_ENC_NC;
|
||||
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
|
||||
for (i = 0; i < 32; i++) {
|
||||
word32 kdr = 1U << i;
|
||||
|
||||
@@ -32271,13 +32274,13 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t srtpkdf_test(void)
|
||||
keyA, tv[i].kaSz, keyS, tv[i].ksSz,
|
||||
WC_SRTCP_48BIT_IDX);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
if (XMEMCMP(keyE, srtcpKe_48_1, tv[i].keSz) != 0)
|
||||
return WC_TEST_RET_ENC_NC;
|
||||
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
|
||||
if (XMEMCMP(keyA, srtcpKa_48_1, tv[i].kaSz) != 0)
|
||||
return WC_TEST_RET_ENC_NC;
|
||||
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
|
||||
if (XMEMCMP(keyS, srtcpKs_48_1, tv[i].ksSz) != 0)
|
||||
return WC_TEST_RET_ENC_NC;
|
||||
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
|
||||
|
||||
ret = wc_SRTCP_KDF_ex(mk48_2, (word32)sizeof(mk48_2),
|
||||
ms48_2, (word32)sizeof(ms48_2),
|
||||
@@ -32285,44 +32288,48 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t srtpkdf_test(void)
|
||||
keyA, tv[i].kaSz, keyS, tv[i].ksSz,
|
||||
WC_SRTCP_48BIT_IDX);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
if (XMEMCMP(keyE, srtcpKe_48_2, tv[i].keSz) != 0)
|
||||
return WC_TEST_RET_ENC_NC;
|
||||
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
|
||||
if (XMEMCMP(keyA, srtcpKa_48_2, tv[i].kaSz) != 0)
|
||||
return WC_TEST_RET_ENC_NC;
|
||||
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
|
||||
if (XMEMCMP(keyS, srtcpKs_48_2, tv[i].ksSz) != 0)
|
||||
return WC_TEST_RET_ENC_NC;
|
||||
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
|
||||
}
|
||||
idx = wc_SRTP_KDF_kdr_to_idx(kdr);
|
||||
if (idx != i)
|
||||
return WC_TEST_RET_ENC_NC;
|
||||
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
|
||||
}
|
||||
|
||||
#ifndef BENCH_EMBEDDED
|
||||
#ifdef SRTP_KDF_LONG_KEY
|
||||
/* Check that long messages can be created. */
|
||||
ret = wc_SRTP_KDF(tv[0].key, tv[0].keySz, tv[0].salt, tv[0].saltSz,
|
||||
tv[0].kdfIdx, tv[0].index_c, keyELong, SRTP_KDF_LONG_KEY, keyALong,
|
||||
SRTP_KDF_LONG_KEY, keySLong, SRTP_KDF_LONG_KEY);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
|
||||
/* Check that two bytes of counter are being used. */
|
||||
if (XMEMCMP(keyELong, keyELong + 4096, SRTP_KDF_LONG_KEY - 4096) == 0) {
|
||||
return WC_TEST_RET_ENC_NC;
|
||||
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
|
||||
}
|
||||
if (XMEMCMP(keyELong, keyALong + 4096, SRTP_KDF_LONG_KEY - 4096) == 0) {
|
||||
return WC_TEST_RET_ENC_NC;
|
||||
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
|
||||
}
|
||||
if (XMEMCMP(keyELong, keySLong + 4096, SRTP_KDF_LONG_KEY - 4096) == 0) {
|
||||
return WC_TEST_RET_ENC_NC;
|
||||
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
|
||||
}
|
||||
#endif /* SRTP_KDF_LONG_KEY */
|
||||
|
||||
out:
|
||||
|
||||
#ifdef SRTP_KDF_LONG_KEY
|
||||
WC_FREE_VAR(keyELong, HEAP_HINT);
|
||||
WC_FREE_VAR(keyALong, HEAP_HINT);
|
||||
WC_FREE_VAR(keySLong, HEAP_HINT);
|
||||
#endif
|
||||
|
||||
return 0;
|
||||
return ret;
|
||||
}
|
||||
#endif
|
||||
|
||||
|
||||
Reference in New Issue
Block a user