From 548c01ce5423d24e9bf50592d02219dc7acfb166 Mon Sep 17 00:00:00 2001 From: Jacob Barthelmeh Date: Thu, 18 May 2017 09:31:09 -0600 Subject: [PATCH] updated static memory feature with pkcs7 --- wolfcrypt/src/memory.c | 6 ++++ wolfcrypt/src/pkcs7.c | 60 ++++++++++++++++++++++++++++----------- wolfcrypt/test/test.c | 6 ++++ wolfssl/wolfcrypt/pkcs7.h | 1 + 4 files changed, 57 insertions(+), 16 deletions(-) diff --git a/wolfcrypt/src/memory.c b/wolfcrypt/src/memory.c index 927b0c4ad..32a676d6a 100644 --- a/wolfcrypt/src/memory.c +++ b/wolfcrypt/src/memory.c @@ -536,6 +536,9 @@ void* wolfSSL_Malloc(size_t size, void* heap, int type) res = malloc(size); #else WOLFSSL_MSG("No heap hint found to use and no malloc"); + #ifdef WOLFSSL_DEBUG_MEMORY + printf("ERROR: at %s:%d\n", func, line); + #endif #endif /* WOLFSSL_NO_MALLOC */ #endif /* WOLFSSL_HEAP_TEST */ } @@ -611,6 +614,9 @@ void* wolfSSL_Malloc(size_t size, void* heap, int type) } else { WOLFSSL_MSG("ERROR ran out of static memory"); + #ifdef WOLFSSL_DEBUG_MEMORY + printf("Looking for %lu bytes at %s:%d\n", size, func, line); + #endif } wc_UnLockMutex(&(mem->memory_mutex)); diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c index 428e55b0f..684192b64 100644 --- a/wolfcrypt/src/pkcs7.c +++ b/wolfcrypt/src/pkcs7.c 
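Review bot: In the second memory.c hunk the added `printf("Looking for %lu bytes at %s:%d\n", size, func, line);` passes `size`, a `size_t`, to `%lu`, which is a type mismatch wherever `size_t` is not `unsigned long` (LLP64 targets, for example) and is undefined behaviour for printf. An explicit cast keeps it portable to C libraries without `%zu`: `printf("Looking for %lu bytes at %s:%d\n", (unsigned long)size, func, line);`. Both added printf calls also print `line` with `%d`; its declaration is outside the hunks, so confirm it is a signed int. wolfSSL_Malloc starts and ends outside both hunks.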
@@ -213,21 +213,49 @@ static int wc_PKCS7_GetOIDKeySize(int oid) } -/* init PKCS7 struct with recipient cert, decode into DecodedCert */ +/* This is to initialize a PKCS7 structure. It sets all values to 0 and can be + * used to set the heap hint. + * + * pkcs7 PKCS7 structure to initialize + * heap memory heap hint for PKCS7 structure to use + * devId currently not used but a place holder for async operations + * + * returns 0 on success or a negative value for failure + */ +int wc_PKCS7_Init(PKCS7* pkcs7, void* heap, int devId) +{ + WOLFSSL_ENTER("wc_PKCS7_Init"); + + if (pkcs7 == NULL) { + return BAD_FUNC_ARG; + } + + XMEMSET(pkcs7, 0, sizeof(PKCS7)); + pkcs7->heap = heap; + + (void)devId; /* silence unused warning */ + return 0; +} + + +/* init PKCS7 struct with recipient cert, decode into DecodedCert + * NOTE: keeps previously set pkcs7 memory heap hint */ int wc_PKCS7_InitWithCert(PKCS7* pkcs7, byte* cert, word32 certSz) { int ret = 0; + void* heap; - XMEMSET(pkcs7, 0, sizeof(PKCS7)); - /* default heap hint is null or test value */ #ifdef WOLFSSL_HEAP_TEST - pkcs7->heap = (void*)WOLFSSL_HEAP_TEST; + heap = (void*)WOLFSSL_HEAP_TEST; #else - pkcs7->heap = NULL; + heap = pkcs7->heap; #endif - if (cert != NULL && certSz > 0) { + XMEMSET(pkcs7, 0, sizeof(PKCS7)); + pkcs7->heap = heap; + + if (cert != NULL && certSz > 0) { #ifdef WOLFSSL_SMALL_STACK DecodedCert* dCert; @@ -1940,7 +1968,7 @@ static int wc_PKCS7_KariParseRecipCert(WC_PKCS7_KARI* kari, const byte* cert, return BAD_FUNC_ARG; } - ret = wc_ecc_init(kari->recipKey); + ret = wc_ecc_init_ex(kari->recipKey, kari->heap, INVALID_DEVID); if (ret != 0) return ret; @@ -2810,7 +2838,7 @@ static int wc_PKCS7_DecryptContent(int encryptOID, byte* key, int keySz, /* generate random IV, place in iv, return 0 on success negative on error */ -static int wc_PKCS7_GenerateIV(WC_RNG* rng, byte* iv, word32 ivSz) +static int wc_PKCS7_GenerateIV(PKCS7* pkcs7, WC_RNG* rng, byte* iv, word32 ivSz) { int ret; WC_RNG* rnd = NULL; 
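Review bot: wc_PKCS7_InitWithCert now reads `pkcs7->heap` before the `XMEMSET`, so a caller that passes a freshly declared, uninitialized `PKCS7` (valid while the function cleared the struct and set the hint itself) carries an indeterminate pointer forward as the heap hint for later allocations and frees on that struct. The header comment should state the new precondition, for example `NOTE: pkcs7->heap is read before the struct is cleared; call wc_PKCS7_Init() first`, and callers outside this diff need auditing for it. The read also happens with no NULL check, unlike the new wc_PKCS7_Init; `if (pkcs7 == NULL) return BAD_FUNC_ARG;` ahead of `heap = pkcs7->heap;` would make the two entry points consistent. The body of wc_PKCS7_InitWithCert continues past the end of the hunk.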
@@ -2820,13 +2848,13 @@ static int wc_PKCS7_GenerateIV(WC_RNG* rng, byte* iv, word32 ivSz) /* input RNG is optional, init local one if input rng is NULL */ if (rng == NULL) { - rnd = (WC_RNG*)XMALLOC(sizeof(WC_RNG), NULL, DYNAMIC_TYPE_RNG); + rnd = (WC_RNG*)XMALLOC(sizeof(WC_RNG), pkcs7->heap, DYNAMIC_TYPE_RNG); if (rnd == NULL) return MEMORY_E; - ret = wc_InitRng(rnd); + ret = wc_InitRng_ex(rnd, pkcs7->heap, INVALID_DEVID); if (ret != 0) { - XFREE(rnd, NULL, DYNAMIC_TYPE_RNG); + XFREE(rnd, pkcs7->heap, DYNAMIC_TYPE_RNG); return ret; } @@ -2838,7 +2866,7 @@ static int wc_PKCS7_GenerateIV(WC_RNG* rng, byte* iv, word32 ivSz) if (rng == NULL) { wc_FreeRng(rnd); - XFREE(rnd, NULL, DYNAMIC_TYPE_RNG); + XFREE(rnd, pkcs7->heap, DYNAMIC_TYPE_RNG); } return ret; @@ -3024,7 +3052,7 @@ int wc_PKCS7_EncodeEnvelopedData(PKCS7* pkcs7, byte* output, word32 outputSz) recipSetSz = SetSet(recipSz, recipSet); /* generate IV for block cipher */ - ret = wc_PKCS7_GenerateIV(&rng, tmpIv, blockSz); + ret = wc_PKCS7_GenerateIV(pkcs7, &rng, tmpIv, blockSz); wc_FreeRng(&rng); if (ret != 0) { #ifdef WOLFSSL_SMALL_STACK @@ -3306,7 +3334,7 @@ static int wc_PKCS7_DecodeKtri(PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz, /* decrypt encryptedKey */ #ifdef WC_RSA_BLINDING - ret = wc_InitRng(&rng); + ret = wc_InitRng_ex(&rng, pkcs7->heap, INVALID_DEVID); if (ret == 0) { ret = wc_RsaSetRNG(privKey, &rng); } @@ -3394,7 +3422,7 @@ static int wc_PKCS7_KariGetOriginatorIdentifierOrKey(WC_PKCS7_KARI* kari, return ASN_EXPECT_0_E; /* get sender ephemeral public ECDSA key */ - ret = wc_ecc_init(kari->senderKey); + ret = wc_ecc_init_ex(kari->senderKey, kari->heap, INVALID_DEVID); if (ret != 0) return ret; 
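Review bot: wc_PKCS7_GenerateIV dereferences `pkcs7->heap` in the `rng == NULL` branch, and no check on `pkcs7` is visible in this hunk or in the signature hunk before it (the lines between the two are not shown). The helper is static and both updated call sites pass the caller's struct, so a guard may be unnecessary, but the function comment still describes only the IV and should say that `pkcs7` must be non-NULL and supplies the heap hint for the temporary RNG. If a guard is preferred, `if (pkcs7 == NULL) return BAD_FUNC_ARG;` at the top of the function would do.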
@@ -4105,7 +4133,7 @@ int wc_PKCS7_EncodeEncryptedData(PKCS7* pkcs7, byte* output, word32 outputSz) } /* encrypt content */ - ret = wc_PKCS7_GenerateIV(NULL, tmpIv, blockSz); + ret = wc_PKCS7_GenerateIV(pkcs7, NULL, tmpIv, blockSz); if (ret != 0) { XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7); XFREE(plain, pkcs7->heap, DYNAMIC_TYPE_PKCS7); diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 7974cbb37..51388ded9 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -12147,6 +12147,10 @@ static int pkcs7enveloped_run_vectors(byte* rsaCert, word32 rsaCertSz, for (i = 0; i < testSz; i++) { + ret = wc_PKCS7_Init(&pkcs7, HEAP_HINT, devId); + if (ret != 0) + return -7419; + ret = wc_PKCS7_InitWithCert(&pkcs7, testVectors[i].cert, (word32)testVectors[i].certSz); if (ret != 0) @@ -12419,6 +12423,7 @@ int pkcs7encrypted_test(void) pkcs7.encryptionKeySz = testVectors[i].encryptionKeySz; pkcs7.unprotectedAttribs = testVectors[i].attribs; pkcs7.unprotectedAttribsSz = testVectors[i].attribsSz; + pkcs7.heap = HEAP_HINT; /* encode encryptedData */ encryptedSz = wc_PKCS7_EncodeEncryptedData(&pkcs7, encrypted, @@ -12638,6 +12643,7 @@ static int pkcs7signed_run_vectors(byte* rsaCert, word32 rsaCertSz, for (i = 0; i < testSz; i++) { + pkcs7.heap = HEAP_HINT; ret = wc_PKCS7_InitWithCert(&pkcs7, testVectors[i].cert, (word32)testVectors[i].certSz); diff --git a/wolfssl/wolfcrypt/pkcs7.h b/wolfssl/wolfcrypt/pkcs7.h index 5ffab85ba..b92c451f2 100644 --- a/wolfssl/wolfcrypt/pkcs7.h +++ b/wolfssl/wolfcrypt/pkcs7.h @@ -130,6 +130,7 @@ typedef struct PKCS7 { } PKCS7; +WOLFSSL_API int wc_PKCS7_Init(PKCS7* pkcs7, void* heap, int devId); WOLFSSL_API int wc_PKCS7_InitWithCert(PKCS7* pkcs7, byte* cert, word32 certSz); WOLFSSL_API void wc_PKCS7_Free(PKCS7* pkcs7); WOLFSSL_API int wc_PKCS7_EncodeData(PKCS7* pkcs7, byte* output,
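Review bot: pkcs7encrypted_test and pkcs7signed_run_vectors set the hint by writing `pkcs7.heap = HEAP_HINT;` directly, while pkcs7enveloped_run_vectors goes through the new wc_PKCS7_Init and checks its result. Since the tests double as usage examples, the same form would be clearer in all three: `ret = wc_PKCS7_Init(&pkcs7, HEAP_HINT, INVALID_DEVID);` followed by a check of `ret`. In pkcs7encrypted_test the call would have to come before the field assignments shown in the hunk, because wc_PKCS7_Init clears the struct; where `pkcs7` is first initialized there is outside the hunk.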