diff --git a/configure.ac b/configure.ac index 49dbade0e..45842cd3d 100644 --- a/configure.ac +++ b/configure.ac @@ -240,8 +240,8 @@ fi # Single Precision maths implementation if test "$ENABLED_LINUXKM_DEFAULTS" = "yes" then - ENABLED_SP_DEFAULT=small - ENABLED_SP_MATH_ALL_DEFAULT=small + ENABLED_SP_DEFAULT=yes + ENABLED_SP_MATH_ALL_DEFAULT=yes else ENABLED_SP_DEFAULT=no ENABLED_SP_MATH_ALL_DEFAULT=no @@ -2204,26 +2204,14 @@ then fi -# STACK SIZE info for examples +# STACK SIZE info for testwolfcrypt and examples AC_ARG_ENABLE([stacksize], [AS_HELP_STRING([--enable-stacksize],[Enable stack size info on examples (default: disabled)])], [ ENABLED_STACKSIZE=$enableval ], [ ENABLED_STACKSIZE=no ] ) -# verbose, per-test stack size info, currently only implemented in testwolfcrypt -AC_ARG_ENABLE([stacksize-verbose], - [AS_HELP_STRING([--enable-stacksize-verbose],[Enable verbose stack size info on testwolfcrypt (default: disabled)])], - [ ENABLED_STACKSIZE_VERBOSE=$enableval ], - [ ENABLED_STACKSIZE_VERBOSE=no ] - ) - -if test "$ENABLED_STACKSIZE_VERBOSE" = "yes" -then - ENABLED_STACKSIZE=yes -fi - -if test "$ENABLED_STACKSIZE" = "yes" +if test "$ENABLED_STACKSIZE" != "no" then AC_CHECK_FUNC([posix_memalign], [], [AC_MSG_ERROR(stacksize needs posix_memalign)]) AC_CHECK_DECL([posix_memalign], [], [AC_MSG_ERROR(stacksize needs posix_memalign)]) @@ -2232,13 +2220,14 @@ then AM_CFLAGS="$AM_CFLAGS -DHAVE_STACK_SIZE" fi -if test "$ENABLED_STACKSIZE_VERBOSE" = "yes" +if test "$ENABLED_STACKSIZE" = "verbose" then if test "$thread_ls_on" != "yes" then AC_MSG_ERROR(stacksize-verbose needs thread-local storage.) fi AM_CFLAGS="$AM_CFLAGS -DHAVE_STACK_SIZE_VERBOSE" + ENABLED_STACKSIZE=yes fi diff --git a/linuxkm/module_hooks.c b/linuxkm/module_hooks.c index 79eccabe7..b1ea5231e 100644 --- a/linuxkm/module_hooks.c +++ b/linuxkm/module_hooks.c @@ -37,11 +37,20 @@ static int __init wolfssl_init(void) static int wolfssl_init(void) #endif { - int ret = wolfSSL_Init(); + int ret; +#ifdef WOLFCRYPT_ONLY + ret = wolfCrypt_Init(); + if (ret != 0) { + pr_err("wolfCrypt_Init() failed: %s", wc_GetErrorString(ret)); + return -ENOTRECOVERABLE; + } +#else + ret = wolfSSL_Init(); if (ret != WOLFSSL_SUCCESS) { pr_err("wolfSSL_Init() failed: %s", wc_GetErrorString(ret)); return -ENOTRECOVERABLE; } +#endif #ifndef NO_CRYPT_TEST ret = wolfcrypt_test(NULL); @@ -50,7 +59,11 @@ static int wolfssl_init(void) msleep(10); return -ENOTRECOVERABLE; } - pr_info("wolfSSL " LIBWOLFSSL_VERSION_STRING " self-test passed. See https://www.wolfssl.com/ for information.\n"); + pr_info("wolfCrypt self-test passed.\n"); +#endif + +#ifdef WOLFCRYPT_ONLY + pr_info("wolfCrypt " LIBWOLFSSL_VERSION_STRING " loaded. See https://www.wolfssl.com/ for information.\n"); #else pr_info("wolfSSL " LIBWOLFSSL_VERSION_STRING " loaded. See https://www.wolfssl.com/ for information.\n"); #endif @@ -68,11 +81,20 @@ static void __exit wolfssl_exit(void) static void wolfssl_exit(void) #endif { - int ret = wolfSSL_Cleanup(); + int ret; +#ifdef WOLFCRYPT_ONLY + ret = wolfCrypt_Cleanup(); + if (ret != 0) + pr_err("wolfCrypt_Cleanup() failed: %s", wc_GetErrorString(ret)); + else + pr_info("wolfCrypt " LIBWOLFSSL_VERSION_STRING " cleanup complete.\n"); +#else + ret = wolfSSL_Cleanup(); if (ret != WOLFSSL_SUCCESS) pr_err("wolfSSL_Cleanup() failed: %s", wc_GetErrorString(ret)); else pr_info("wolfSSL " LIBWOLFSSL_VERSION_STRING " cleanup complete.\n"); +#endif return; } diff --git a/src/ssl.c b/src/ssl.c index 7b47ba9a3..249977830 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -46394,7 +46394,7 @@ int wolfSSL_BN_is_odd(const WOLFSSL_BIGNUM* bn) /* return compliant with OpenSSL * 1 if BIGNUM is word, 0 else */ -int wolfSSL_BN_is_word(const WOLFSSL_BIGNUM* bn, unsigned long w) +int wolfSSL_BN_is_word(const WOLFSSL_BIGNUM* bn, WOLFSSL_BN_ULONG w) { WOLFSSL_MSG("wolfSSL_BN_is_word"); diff --git a/wolfcrypt/src/dsa.c b/wolfcrypt/src/dsa.c index 310961e16..f62cec92d 100644 --- a/wolfcrypt/src/dsa.c +++ b/wolfcrypt/src/dsa.c @@ -42,6 +42,11 @@ #include #endif +#ifdef _MSC_VER + /* disable for while(0) cases (MSVC bug) */ + #pragma warning(disable:4127) +#endif + int wc_InitDsaKey(DsaKey* key) { if (key == NULL) @@ -682,242 +687,244 @@ int wc_DsaSign(const byte* digest, byte* out, DsaKey* key, WC_RNG* rng) int ret = 0, sz = 0; byte* tmp; /* initial output pointer */ + do { #ifdef WOLFSSL_MP_INVMOD_CONSTANT_TIME - if (mp_init_multi(k, kInv, r, s, H, 0) != MP_OKAY) + if (mp_init_multi(k, kInv, r, s, H, 0) != MP_OKAY) #else - if (mp_init_multi(k, kInv, r, s, H, b) != MP_OKAY) + if (mp_init_multi(k, kInv, r, s, H, b) != MP_OKAY) #endif - { - ret = MP_INIT_E; - goto out; - } + { + ret = MP_INIT_E; + break; + } #ifdef WOLFSSL_SMALL_STACK - if ((k == NULL) || - (kInv == NULL) || - (r == NULL) || - (s == NULL) || - (H == NULL) + if ((k == NULL) || + (kInv == NULL) || + (r == NULL) || + (s == NULL) || + (H == NULL) #ifndef WOLFSSL_MP_INVMOD_CONSTANT_TIME - || (b == NULL) + || (b == NULL) #endif - || (buffer == NULL)) { - ret = MEMORY_E; - goto out; - } + || (buffer == NULL)) { + ret = MEMORY_E; + break; + } #endif - if (digest == NULL || out == NULL || key == NULL || rng == NULL) { - ret = BAD_FUNC_ARG; - goto out; - } - - sz = min(DSA_HALF_SIZE, mp_unsigned_bin_size(&key->q)); - tmp = out; - qMinus1 = kInv; - - /* NIST FIPS 186-4: B.2.2 - * Per-Message Secret Number Generation by Testing Candidates - * Generate k in range [1, q-1]. - * Check that k is less than q-1: range [0, q-2]. - * Add 1 to k: range [1, q-1]. - */ - if (mp_sub_d(&key->q, 1, qMinus1)) { - ret = MP_SUB_E; - goto out; - } - - do { - /* Step 4: generate k */ - if ((ret = wc_RNG_GenerateBlock(rng, buffer, sz))) { - goto out; + if (digest == NULL || out == NULL || key == NULL || rng == NULL) { + ret = BAD_FUNC_ARG; + break; } - /* Step 5 */ - if (mp_read_unsigned_bin(k, buffer, sz) != MP_OKAY) { - ret = MP_READ_E; - goto out; - } + sz = min(DSA_HALF_SIZE, mp_unsigned_bin_size(&key->q)); + tmp = out; + qMinus1 = kInv; - /* k is a random numnber and it should be less than q-1 - * if k greater than repeat + /* NIST FIPS 186-4: B.2.2 + * Per-Message Secret Number Generation by Testing Candidates + * Generate k in range [1, q-1]. + * Check that k is less than q-1: range [0, q-2]. + * Add 1 to k: range [1, q-1]. */ - /* Step 6 */ - } while (mp_cmp(k, qMinus1) != MP_LT); + if (mp_sub_d(&key->q, 1, qMinus1)) { + ret = MP_SUB_E; + break; + } - /* Step 7 */ - if (mp_add_d(k, 1, k) != MP_OKAY) { - ret = MP_MOD_E; - goto out; - } + do { + /* Step 4: generate k */ + if ((ret = wc_RNG_GenerateBlock(rng, buffer, sz))) { + break; + } + + /* Step 5 */ + if (mp_read_unsigned_bin(k, buffer, sz) != MP_OKAY) { + ret = MP_READ_E; + break; + } + + /* k is a random numnber and it should be less than q-1 + * if k greater than repeat + */ + /* Step 6 */ + } while (mp_cmp(k, qMinus1) != MP_LT); + + if (ret != 0) + break; + + /* Step 7 */ + if (mp_add_d(k, 1, k) != MP_OKAY) { + ret = MP_MOD_E; + break; + } #ifdef WOLFSSL_MP_INVMOD_CONSTANT_TIME - /* inverse k mod q */ - if (mp_invmod(k, &key->q, kInv) != MP_OKAY) { - ret = MP_INVMOD_E; - goto out; - } - - /* generate r, r = (g exp k mod p) mod q */ - if (mp_exptmod_ex(&key->g, k, key->q.used, &key->p, r) != MP_OKAY) { - ret = MP_EXPTMOD_E; - goto out; - } - - if (mp_mod(r, &key->q, r) != MP_OKAY) { - ret = MP_MOD_E; - goto out; - } - - /* generate H from sha digest */ - if (mp_read_unsigned_bin(H, digest,WC_SHA_DIGEST_SIZE) != MP_OKAY) { - ret = MP_READ_E; - goto out; - } - - /* generate s, s = (kInv * (H + x*r)) % q */ - if (mp_mul(&key->x, r, s) != MP_OKAY) { - ret = MP_MUL_E; - goto out; - } - - if (mp_add(s, H, s) != MP_OKAY) { - ret = MP_ADD_E; - goto out; - } - - if (mp_mulmod(s, kInv, &key->q, s) != MP_OKAY) { - ret = MP_MULMOD_E; - goto out; - } -#else - /* Blinding value - * Generate b in range [1, q-1]. - */ - do { - if ((ret = wc_RNG_GenerateBlock(rng, buffer, sz))) { - goto out; + /* inverse k mod q */ + if (mp_invmod(k, &key->q, kInv) != MP_OKAY) { + ret = MP_INVMOD_E; + break; } - if (mp_read_unsigned_bin(b, buffer, sz) != MP_OKAY) { + + /* generate r, r = (g exp k mod p) mod q */ + if (mp_exptmod_ex(&key->g, k, key->q.used, &key->p, r) != MP_OKAY) { + ret = MP_EXPTMOD_E; + break; + } + + if (mp_mod(r, &key->q, r) != MP_OKAY) { + ret = MP_MOD_E; + break; + } + + /* generate H from sha digest */ + if (mp_read_unsigned_bin(H, digest,WC_SHA_DIGEST_SIZE) != MP_OKAY) { ret = MP_READ_E; - goto out; + break; } - } while (mp_cmp(b, qMinus1) != MP_LT); - if (mp_add_d(b, 1, b) != MP_OKAY) { - ret = MP_MOD_E; - goto out; - } + /* generate s, s = (kInv * (H + x*r)) % q */ + if (mp_mul(&key->x, r, s) != MP_OKAY) { + ret = MP_MUL_E; + break; + } - /* set H from sha digest */ - if (mp_read_unsigned_bin(H, digest, WC_SHA_DIGEST_SIZE) != MP_OKAY) { - ret = MP_READ_E; - goto out; - } + if (mp_add(s, H, s) != MP_OKAY) { + ret = MP_ADD_E; + break; + } - /* generate r, r = (g exp k mod p) mod q */ - if (mp_exptmod_ex(&key->g, k, key->q.used, &key->p, r) != MP_OKAY) { - ret = MP_EXPTMOD_E; - goto out; - } + if (mp_mulmod(s, kInv, &key->q, s) != MP_OKAY) { + ret = MP_MULMOD_E; + break; + } +#else + /* Blinding value + * Generate b in range [1, q-1]. + */ + do { + if ((ret = wc_RNG_GenerateBlock(rng, buffer, sz))) { + break; + } + if (mp_read_unsigned_bin(b, buffer, sz) != MP_OKAY) { + ret = MP_READ_E; + break; + } + } while (mp_cmp(b, qMinus1) != MP_LT); - /* calculate s = (H + xr)/k = b.(H/k.b + x.r/k.b) */ + if (ret != 0) + break; - /* k = k.b */ - if (mp_mulmod(k, b, &key->q, k) != MP_OKAY) { - ret = MP_MULMOD_E; - goto out; - } + if (mp_add_d(b, 1, b) != MP_OKAY) { + ret = MP_MOD_E; + break; + } - /* kInv = 1/k.b mod q */ - if (mp_invmod(k, &key->q, kInv) != MP_OKAY) { - ret = MP_INVMOD_E; - goto out; - } + /* set H from sha digest */ + if (mp_read_unsigned_bin(H, digest, WC_SHA_DIGEST_SIZE) != MP_OKAY) { + ret = MP_READ_E; + break; + } - if (mp_mod(r, &key->q, r) != MP_OKAY) { - ret = MP_MOD_E; - goto out; - } + /* generate r, r = (g exp k mod p) mod q */ + if (mp_exptmod_ex(&key->g, k, key->q.used, &key->p, r) != MP_OKAY) { + ret = MP_EXPTMOD_E; + break; + } - /* s = x.r */ - if (mp_mul(&key->x, r, s) != MP_OKAY) { - ret = MP_MUL_E; - goto out; - } + /* calculate s = (H + xr)/k = b.(H/k.b + x.r/k.b) */ - /* s = x.r/k.b */ - if (mp_mulmod(s, kInv, &key->q, s) != MP_OKAY) { - ret = MP_MULMOD_E; - goto out; - } + /* k = k.b */ + if (mp_mulmod(k, b, &key->q, k) != MP_OKAY) { + ret = MP_MULMOD_E; + break; + } - /* H = H/k.b */ - if (mp_mulmod(H, kInv, &key->q, H) != MP_OKAY) { - ret = MP_MULMOD_E; - goto out; - } + /* kInv = 1/k.b mod q */ + if (mp_invmod(k, &key->q, kInv) != MP_OKAY) { + ret = MP_INVMOD_E; + break; + } - /* s = H/k.b + x.r/k.b = (H + x.r)/k.b */ - if (mp_add(s, H, s) != MP_OKAY) { - ret = MP_ADD_E; - goto out; - } + if (mp_mod(r, &key->q, r) != MP_OKAY) { + ret = MP_MOD_E; + break; + } - /* s = b.(e + x.r)/k.b = (e + x.r)/k */ - if (mp_mulmod(s, b, &key->q, s) != MP_OKAY) { - ret = MP_MULMOD_E; - goto out; - } + /* s = x.r */ + if (mp_mul(&key->x, r, s) != MP_OKAY) { + ret = MP_MUL_E; + break; + } - /* s = (e + x.r)/k */ - if (mp_mod(s, &key->q, s) != MP_OKAY) { - ret = MP_MOD_E; - goto out; - } + /* s = x.r/k.b */ + if (mp_mulmod(s, kInv, &key->q, s) != MP_OKAY) { + ret = MP_MULMOD_E; + break; + } + + /* H = H/k.b */ + if (mp_mulmod(H, kInv, &key->q, H) != MP_OKAY) { + ret = MP_MULMOD_E; + break; + } + + /* s = H/k.b + x.r/k.b = (H + x.r)/k.b */ + if (mp_add(s, H, s) != MP_OKAY) { + ret = MP_ADD_E; + break; + } + + /* s = b.(e + x.r)/k.b = (e + x.r)/k */ + if (mp_mulmod(s, b, &key->q, s) != MP_OKAY) { + ret = MP_MULMOD_E; + break; + } + + /* s = (e + x.r)/k */ + if (mp_mod(s, &key->q, s) != MP_OKAY) { + ret = MP_MOD_E; + break; + } #endif - /* detect zero r or s */ - if ((mp_iszero(r) == MP_YES) || (mp_iszero(s) == MP_YES)) { - ret = MP_ZERO_E; - goto out; - } - - /* write out */ - { - int rSz = mp_unsigned_bin_size(r); - int sSz = mp_unsigned_bin_size(s); - - while (rSz++ < DSA_HALF_SIZE) { - *out++ = 0x00; /* pad front with zeros */ + /* detect zero r or s */ + if ((mp_iszero(r) == MP_YES) || (mp_iszero(s) == MP_YES)) { + ret = MP_ZERO_E; + break; } - if (mp_to_unsigned_bin(r, out) != MP_OKAY) - ret = MP_TO_E; - else { - out = tmp + DSA_HALF_SIZE; /* advance to s in output */ - while (sSz++ < DSA_HALF_SIZE) { + /* write out */ + { + int rSz = mp_unsigned_bin_size(r); + int sSz = mp_unsigned_bin_size(s); + + while (rSz++ < DSA_HALF_SIZE) { *out++ = 0x00; /* pad front with zeros */ } - ret = mp_to_unsigned_bin(s, out); - } - } - out: + if (mp_to_unsigned_bin(r, out) != MP_OKAY) + ret = MP_TO_E; + else { + out = tmp + DSA_HALF_SIZE; /* advance to s in output */ + while (sSz++ < DSA_HALF_SIZE) { + *out++ = 0x00; /* pad front with zeros */ + } + ret = mp_to_unsigned_bin(s, out); + } + } + } while (0); #ifdef WOLFSSL_SMALL_STACK if (k) { - if (ret != MP_INIT_E) { + if (ret != MP_INIT_E) mp_forcezero(k); - mp_clear(k); - } XFREE(k, key->heap, DYNAMIC_TYPE_TMP_BUFFER); } if (kInv) { - if (ret != MP_INIT_E) { + if (ret != MP_INIT_E) mp_forcezero(kInv); - mp_clear(kInv); - } XFREE(kInv, key->heap, DYNAMIC_TYPE_TMP_BUFFER); } if (r) { @@ -937,10 +944,8 @@ int wc_DsaSign(const byte* digest, byte* out, DsaKey* key, WC_RNG* rng) } #ifndef WOLFSSL_MP_INVMOD_CONSTANT_TIME if (b) { - if (ret != MP_INIT_E) { + if (ret != MP_INIT_E) mp_forcezero(b); - mp_clear(b); - } XFREE(b, key->heap, DYNAMIC_TYPE_TMP_BUFFER); } #endif @@ -955,13 +960,10 @@ int wc_DsaSign(const byte* digest, byte* out, DsaKey* key, WC_RNG* rng) mp_forcezero(k); #ifndef WOLFSSL_MP_INVMOD_CONSTANT_TIME mp_forcezero(b); - mp_clear(b); #endif mp_clear(H); mp_clear(s); mp_clear(r); - mp_clear(kInv); - mp_clear(k); } #endif @@ -989,94 +991,94 @@ int wc_DsaVerify(const byte* digest, const byte* sig, DsaKey* key, int* answer) #endif int ret = 0; - if (mp_init_multi(w, u1, u2, v, r, s) != MP_OKAY) { - ret = MP_INIT_E; - goto out; - } + do { + if (mp_init_multi(w, u1, u2, v, r, s) != MP_OKAY) { + ret = MP_INIT_E; + break; + } - if (digest == NULL || sig == NULL || key == NULL || answer == NULL) { - ret = BAD_FUNC_ARG; - goto out; - } + if (digest == NULL || sig == NULL || key == NULL || answer == NULL) { + ret = BAD_FUNC_ARG; + break; + } #ifdef WOLFSSL_SMALL_STACK - if ((w == NULL) || - (u1 == NULL) || - (u2 == NULL) || - (v == NULL) || - (r == NULL) || - (s == NULL)) { - ret = MEMORY_E; - goto out; - } + if ((w == NULL) || + (u1 == NULL) || + (u2 == NULL) || + (v == NULL) || + (r == NULL) || + (s == NULL)) { + ret = MEMORY_E; + break; + } #endif - /* set r and s from signature */ - if (mp_read_unsigned_bin(r, sig, DSA_HALF_SIZE) != MP_OKAY || - mp_read_unsigned_bin(s, sig + DSA_HALF_SIZE, DSA_HALF_SIZE) != MP_OKAY) { - ret = MP_READ_E; - goto out; - } + /* set r and s from signature */ + if (mp_read_unsigned_bin(r, sig, DSA_HALF_SIZE) != MP_OKAY || + mp_read_unsigned_bin(s, sig + DSA_HALF_SIZE, DSA_HALF_SIZE) != MP_OKAY) { + ret = MP_READ_E; + break; + } - /* sanity checks */ - if (mp_iszero(r) == MP_YES || mp_iszero(s) == MP_YES || - mp_cmp(r, &key->q) != MP_LT || mp_cmp(s, &key->q) != MP_LT) { - ret = MP_ZERO_E; - goto out; - } + /* sanity checks */ + if (mp_iszero(r) == MP_YES || mp_iszero(s) == MP_YES || + mp_cmp(r, &key->q) != MP_LT || mp_cmp(s, &key->q) != MP_LT) { + ret = MP_ZERO_E; + break; + } - /* put H into u1 from sha digest */ - if (mp_read_unsigned_bin(u1,digest,WC_SHA_DIGEST_SIZE) != MP_OKAY) { - ret = MP_READ_E; - goto out; - } + /* put H into u1 from sha digest */ + if (mp_read_unsigned_bin(u1,digest,WC_SHA_DIGEST_SIZE) != MP_OKAY) { + ret = MP_READ_E; + break; + } - /* w = s invmod q */ - if (mp_invmod(s, &key->q, w) != MP_OKAY) { - ret = MP_INVMOD_E; - goto out; - } + /* w = s invmod q */ + if (mp_invmod(s, &key->q, w) != MP_OKAY) { + ret = MP_INVMOD_E; + break; + } - /* u1 = (H * w) % q */ - if (mp_mulmod(u1, w, &key->q, u1) != MP_OKAY) { - ret = MP_MULMOD_E; - goto out; - } + /* u1 = (H * w) % q */ + if (mp_mulmod(u1, w, &key->q, u1) != MP_OKAY) { + ret = MP_MULMOD_E; + break; + } - /* u2 = (r * w) % q */ - if (mp_mulmod(r, w, &key->q, u2) != MP_OKAY) { - ret = MP_MULMOD_E; - goto out; - } + /* u2 = (r * w) % q */ + if (mp_mulmod(r, w, &key->q, u2) != MP_OKAY) { + ret = MP_MULMOD_E; + break; + } - /* verify v = ((g^u1 * y^u2) mod p) mod q */ - if (mp_exptmod(&key->g, u1, &key->p, u1) != MP_OKAY) { - ret = MP_EXPTMOD_E; - goto out; - } + /* verify v = ((g^u1 * y^u2) mod p) mod q */ + if (mp_exptmod(&key->g, u1, &key->p, u1) != MP_OKAY) { + ret = MP_EXPTMOD_E; + break; + } - if (mp_exptmod(&key->y, u2, &key->p, u2) != MP_OKAY) { - ret = MP_EXPTMOD_E; - goto out; - } + if (mp_exptmod(&key->y, u2, &key->p, u2) != MP_OKAY) { + ret = MP_EXPTMOD_E; + break; + } - if (mp_mulmod(u1, u2, &key->p, v) != MP_OKAY) { - ret = MP_MULMOD_E; - goto out; - } + if (mp_mulmod(u1, u2, &key->p, v) != MP_OKAY) { + ret = MP_MULMOD_E; + break; + } - if (mp_mod(v, &key->q, v) != MP_OKAY) { - ret = MP_MULMOD_E; - goto out; - } + if (mp_mod(v, &key->q, v) != MP_OKAY) { + ret = MP_MULMOD_E; + break; + } - /* do they match */ - if (mp_cmp(r, v) == MP_EQ) - *answer = 1; - else - *answer = 0; - - out: + /* do they match */ + if (mp_cmp(r, v) == MP_EQ) + *answer = 1; + else + *answer = 0; + } while (0); #ifdef WOLFSSL_SMALL_STACK if (s) { diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c index 4a90d0be5..05d3e6df6 100644 --- a/wolfcrypt/src/ecc.c +++ b/wolfcrypt/src/ecc.c @@ -6593,8 +6593,9 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash, if (err == MP_OKAY) { if ((err = mp_init_multi(v, w, u1, u2, NULL, NULL)) != MP_OKAY) { err = MEMORY_E; + } else { + did_init = 1; } - did_init = 1; } /* allocate points */ @@ -9662,11 +9663,22 @@ int ecc_mul2add(ecc_point* A, mp_int* kA, { int idx1 = -1, idx2 = -1, err, mpInit = 0; mp_digit mp; - mp_int mu; +#ifdef WOLFSSL_SMALL_STACK + mp_int *mu = (mp_int *)XMALLOC(sizeof *mu, NULL, DYNAMIC_TYPE_ECC_BUFFER); - err = mp_init(&mu); - if (err != MP_OKAY) + if (mu == NULL) + return MP_MEM; +#else + mp_int mu[1]; +#endif + + err = mp_init(mu); + if (err != MP_OKAY) { +#ifdef WOLFSSL_SMALL_STACK + XFREE(mu, NULL, DYNAMIC_TYPE_ECC_BUFFER); +#endif return err; + } #ifndef HAVE_THREAD_LS if (initMutex == 0) { /* extra sanity check if wolfCrypt_Init not called */ @@ -9674,8 +9686,12 @@ int ecc_mul2add(ecc_point* A, mp_int* kA, initMutex = 1; } - if (wc_LockMutex(&ecc_fp_lock) != 0) + if (wc_LockMutex(&ecc_fp_lock) != 0) { +#ifdef WOLFSSL_SMALL_STACK + XFREE(mu, NULL, DYNAMIC_TYPE_ECC_BUFFER); +#endif return BAD_MUTEX_E; + } #endif /* HAVE_THREAD_LS */ /* find point */ @@ -9718,12 +9734,12 @@ int ecc_mul2add(ecc_point* A, mp_int* kA, if (err == MP_OKAY) { mpInit = 1; - err = mp_montgomery_calc_normalization(&mu, modulus); + err = mp_montgomery_calc_normalization(mu, modulus); } if (err == MP_OKAY) /* build the LUT */ - err = build_lut(idx1, a, modulus, mp, &mu); + err = build_lut(idx1, a, modulus, mp, mu); } } @@ -9735,13 +9751,13 @@ int ecc_mul2add(ecc_point* A, mp_int* kA, err = mp_montgomery_setup(modulus, &mp); if (err == MP_OKAY) { mpInit = 1; - err = mp_montgomery_calc_normalization(&mu, modulus); + err = mp_montgomery_calc_normalization(mu, modulus); } } if (err == MP_OKAY) /* build the LUT */ - err = build_lut(idx2, a, modulus, mp, &mu); + err = build_lut(idx2, a, modulus, mp, mu); } } @@ -9763,7 +9779,10 @@ int ecc_mul2add(ecc_point* A, mp_int* kA, #ifndef HAVE_THREAD_LS wc_UnLockMutex(&ecc_fp_lock); #endif /* HAVE_THREAD_LS */ - mp_clear(&mu); + mp_clear(mu); +#ifdef WOLFSSL_SMALL_STACK + XFREE(mu, NULL, DYNAMIC_TYPE_ECC_BUFFER); +#endif return err; } @@ -10805,7 +10824,17 @@ int mp_sqrtmod_prime(mp_int* n, mp_int* prime, mp_int* ret) mp_int *T = (mp_int *)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_ECC_BUFFER); mp_int *R = (mp_int *)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_ECC_BUFFER); mp_int *two = (mp_int *)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_ECC_BUFFER); +#else + mp_int t1[1], C[1], Q[1], S[1], Z[1], M[1], T[1], R[1], two[1]; +#endif + if ((mp_init_multi(t1, C, Q, S, Z, M) != MP_OKAY) || + (mp_init_multi(T, R, two, NULL, NULL, NULL) != MP_OKAY)) { + res = MP_INIT_E; + goto out; + } + +#ifdef WOLFSSL_SMALL_STACK if ((t1 == NULL) || (C == NULL) || (Q == NULL) || @@ -10818,8 +10847,6 @@ int mp_sqrtmod_prime(mp_int* n, mp_int* prime, mp_int* ret) res = MP_MEM; goto out; } -#else - mp_int t1[1], C[1], Q[1], S[1], Z[1], M[1], T[1], R[1], two[1]; #endif /* first handle the simple cases n = 0 or n = 1 */ @@ -10848,13 +10875,6 @@ int mp_sqrtmod_prime(mp_int* n, mp_int* prime, mp_int* ret) goto out; } - if ((res = mp_init_multi(t1, C, Q, S, Z, M)) != MP_OKAY) - goto out; - - if ((res = mp_init_multi(T, R, two, NULL, NULL, NULL)) - != MP_OKAY) - goto out; - /* SPECIAL CASE: if prime mod 4 == 3 * compute directly: res = n^(prime+1)/4 mod prime * Handbook of Applied Cryptography algorithm 3.36 @@ -10989,51 +11009,62 @@ int mp_sqrtmod_prime(mp_int* n, mp_int* prime, mp_int* ret) #ifdef WOLFSSL_SMALL_STACK if (t1) { - mp_clear(t1); + if (res != MP_INIT_E) + mp_clear(t1); XFREE(t1, NULL, DYNAMIC_TYPE_ECC_BUFFER); } if (C) { - mp_clear(C); + if (res != MP_INIT_E) + mp_clear(C); XFREE(C, NULL, DYNAMIC_TYPE_ECC_BUFFER); } if (Q) { - mp_clear(Q); + if (res != MP_INIT_E) + mp_clear(Q); XFREE(Q, NULL, DYNAMIC_TYPE_ECC_BUFFER); } if (S) { - mp_clear(S); + if (res != MP_INIT_E) + mp_clear(S); XFREE(S, NULL, DYNAMIC_TYPE_ECC_BUFFER); } if (Z) { - mp_clear(Z); + if (res != MP_INIT_E) + mp_clear(Z); XFREE(Z, NULL, DYNAMIC_TYPE_ECC_BUFFER); } if (M) { - mp_clear(M); + if (res != MP_INIT_E) + mp_clear(M); XFREE(M, NULL, DYNAMIC_TYPE_ECC_BUFFER); } if (T) { - mp_clear(T); + if (res != MP_INIT_E) + mp_clear(T); XFREE(T, NULL, DYNAMIC_TYPE_ECC_BUFFER); } if (R) { - mp_clear(R); + if (res != MP_INIT_E) + mp_clear(R); XFREE(R, NULL, DYNAMIC_TYPE_ECC_BUFFER); } if (two) { - mp_clear(two); + if (res != MP_INIT_E) + mp_clear(two); XFREE(two, NULL, DYNAMIC_TYPE_ECC_BUFFER); } #else - mp_clear(t1); - mp_clear(C); - mp_clear(Q); - mp_clear(S); - mp_clear(Z); - mp_clear(M); - mp_clear(T); - mp_clear(R); - mp_clear(two); + if (res != MP_INIT_E) { + mp_clear(t1); + mp_clear(C); + mp_clear(Q); + mp_clear(S); + mp_clear(Z); + mp_clear(M); + mp_clear(T); + mp_clear(R); + mp_clear(two); + } #endif return res; diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 2a81af751..8920115ee 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -33,14 +33,25 @@ #ifndef NO_CRYPT_TEST -/* only for stack size check */ -#ifdef HAVE_STACK_SIZE +#if defined(HAVE_STACK_SIZE) && !defined(HAVE_WOLFCRYPT_TEST_OPTIONS) + #define HAVE_WOLFCRYPT_TEST_OPTIONS +#endif + +#ifdef HAVE_WOLFCRYPT_TEST_OPTIONS #include #define err_sys err_sys_remap /* remap err_sys */ #include #undef err_sys +#endif + +#if defined(HAVE_STACK_SIZE_VERBOSE) +#ifdef WOLFSSL_TEST_MAX_RELATIVE_STACK_BYTES + static ssize_t max_relative_stack = WOLFSSL_TEST_MAX_RELATIVE_STACK_BYTES; #else - #define STACK_SIZE_CHECKPOINT(...) (__VA_ARGS__) + static ssize_t max_relative_stack = -1; +#endif +#else + #define STACK_SIZE_CHECKPOINT_WITH_MAX_CHECK(max, ...) (__VA_ARGS__, 0) #define STACK_SIZE_INIT() #endif @@ -468,14 +479,14 @@ static int err_sys(const char* msg, int es) EXIT_TEST(-1); } -#ifndef HAVE_STACK_SIZE +#ifndef HAVE_WOLFCRYPT_TEST_OPTIONS /* func_args from test.h, so don't have to pull in other stuff */ typedef struct func_args { int argc; char** argv; int return_code; } func_args; -#endif /* !HAVE_STACK_SIZE */ +#endif /* !HAVE_WOLFCRYPT_TEST_OPTIONS */ #ifdef HAVE_FIPS @@ -529,13 +540,13 @@ static int wolfssl_pb_print(const char* msg, ...) { va_list args; va_start(args, fmt); - STACK_SIZE_CHECKPOINT(printf(fmt, args)); + STACK_SIZE_CHECKPOINT_WITH_MAX_CHECK(max_relative_stack, vprintf(fmt, args)); va_end(args); TEST_SLEEP(); } #else /* redirect to printf */ - #define test_pass(...) STACK_SIZE_CHECKPOINT(printf(__VA_ARGS__)) + #define test_pass(...) { if (STACK_SIZE_CHECKPOINT_WITH_MAX_CHECK(max_relative_stack, printf(__VA_ARGS__)) < 0) { return err_sys("post-test check failed", -1); }} /* stub the sleep macro */ #define TEST_SLEEP() #endif @@ -553,13 +564,32 @@ int wolfcrypt_test(void* args) printf(" wolfSSL version %s\n", LIBWOLFSSL_VERSION_STRING); printf("------------------------------------------------------------------------------\n"); - if (args) + if (args) { +#ifdef HAVE_WOLFCRYPT_TEST_OPTIONS + int ch; +#endif ((func_args*)args)->return_code = -1; /* error state */ +#ifdef HAVE_WOLFCRYPT_TEST_OPTIONS + while ((ch = mygetopt(((func_args*)args)->argc, ((func_args*)args)->argv, "s:")) != -1) { + switch(ch) { + case 's': +#ifdef HAVE_STACK_SIZE_VERBOSE + max_relative_stack = (ssize_t)atoi(myoptarg); + break; +#else + return err_sys("-s (max relative stack size) requires HAVE_STACK_SIZE_VERBOSE.", -1); +#endif + default: + return err_sys("unknown test option.", -1); + } + } +#endif + } #ifdef WOLFSSL_STATIC_MEMORY if (wc_LoadStaticMemory(&HEAP_HINT, gTestMemory, sizeof(gTestMemory), WOLFMEM_GENERAL, 1) != 0) { - printf("unable to load static memory"); + printf("unable to load static memory.\n"); return(EXIT_FAILURE); } #endif @@ -1261,6 +1291,12 @@ initDefaultName(); #ifdef WOLFSSL_ESPIDF void app_main( ) #else + +#ifdef HAVE_WOLFCRYPT_TEST_OPTIONS + int myoptind = 0; + char* myoptarg = NULL; +#endif + int main(int argc, char** argv) #endif { @@ -7968,10 +8004,18 @@ static int aes_cbc_test(void) static int aes_test(void) { #if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_DIRECT) - Aes enc; +#ifdef WOLFSSL_SMALL_STACK + Aes *enc = (Aes *)XMALLOC(sizeof *enc, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#else + Aes enc[1]; +#endif byte cipher[AES_BLOCK_SIZE * 4]; #if defined(HAVE_AES_DECRYPT) || defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_DIRECT) - Aes dec; +#ifdef WOLFSSL_SMALL_STACK + Aes *dec = (Aes *)XMALLOC(sizeof *dec, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#else + Aes dec[1]; +#endif byte plain [AES_BLOCK_SIZE * 4]; #endif #endif /* HAVE_AES_CBC || WOLFSSL_AES_COUNTER */ @@ -7991,45 +8035,57 @@ static int aes_test(void) 0x2c,0xcc,0x9d,0x46,0x77,0xa2,0x33,0xcb }; - byte key[] = "0123456789abcdef "; /* align */ - byte iv[] = "1234567890abcdef "; /* align */ + static const byte key[] = "0123456789abcdef "; /* align */ + static const byte iv[] = "1234567890abcdef "; /* align */ - if (wc_AesInit(&enc, HEAP_HINT, devId) != 0) - return -5900; -#if defined(HAVE_AES_DECRYPT) || defined(WOLFSSL_AES_COUNTER) - if (wc_AesInit(&dec, HEAP_HINT, devId) != 0) - return -5901; +#ifdef WOLFSSL_SMALL_STACK +#if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_DIRECT) + if (enc == NULL) + ERROR_OUT(-5948, out); #endif - ret = wc_AesSetKey(&enc, key, AES_BLOCK_SIZE, iv, AES_ENCRYPTION); - if (ret != 0) - return -5902; +#if defined(HAVE_AES_DECRYPT) || defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_DIRECT) + if (dec == NULL) + ERROR_OUT(-5949, out); +#endif +#endif + + if (wc_AesInit(enc, HEAP_HINT, devId) != 0) + ERROR_OUT(-5900, out); /* note this error code is used programmatically in cleanup. */ #if defined(HAVE_AES_DECRYPT) || defined(WOLFSSL_AES_COUNTER) - ret = wc_AesSetKey(&dec, key, AES_BLOCK_SIZE, iv, AES_DECRYPTION); + if (wc_AesInit(dec, HEAP_HINT, devId) != 0) + ERROR_OUT(-5901, out); /* note this error code is used programmatically in cleanup. */ +#endif + + ret = wc_AesSetKey(enc, key, AES_BLOCK_SIZE, iv, AES_ENCRYPTION); if (ret != 0) - return -5903; + ERROR_OUT(-5902, out); +#if defined(HAVE_AES_DECRYPT) || defined(WOLFSSL_AES_COUNTER) + ret = wc_AesSetKey(dec, key, AES_BLOCK_SIZE, iv, AES_DECRYPTION); + if (ret != 0) + ERROR_OUT(-5903, out); #endif XMEMSET(cipher, 0, AES_BLOCK_SIZE * 4); - ret = wc_AesCbcEncrypt(&enc, cipher, msg, AES_BLOCK_SIZE); + ret = wc_AesCbcEncrypt(enc, cipher, msg, AES_BLOCK_SIZE); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, enc.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) - return -5904; + ERROR_OUT(-5904, out); #ifdef HAVE_AES_DECRYPT XMEMSET(plain, 0, AES_BLOCK_SIZE * 4); - ret = wc_AesCbcDecrypt(&dec, plain, cipher, AES_BLOCK_SIZE); + ret = wc_AesCbcDecrypt(dec, plain, cipher, AES_BLOCK_SIZE); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &dec.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, dec.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) - return -5905; + ERROR_OUT(-5905, out); if (XMEMCMP(plain, msg, AES_BLOCK_SIZE)) - return -5906; + ERROR_OUT(-5906, out); #endif /* HAVE_AES_DECRYPT */ if (XMEMCMP(cipher, verify, AES_BLOCK_SIZE)) - return -5907; + ERROR_OUT(-5907, out); #endif /* WOLFSSL_AES_128 */ #if defined(WOLFSSL_AESNI) && defined(HAVE_AES_DECRYPT) @@ -8086,9 +8142,21 @@ static int aes_test(void) 0x65,0x73,0x20,0x4a,0x61,0x63,0x6b,0x20 }; static const byte bigKey[] = "0123456789abcdeffedcba9876543210"; + word32 keySz, msgSz; +#ifdef WOLFSSL_SMALL_STACK + byte *bigCipher = (byte *)XMALLOC(sizeof(bigMsg), NULL, DYNAMIC_TYPE_TMP_BUFFER); + byte *bigPlain = (byte *)XMALLOC(sizeof(bigMsg), NULL, DYNAMIC_TYPE_TMP_BUFFER); + + if ((bigCipher == NULL) || + (bigPlain == NULL)) { + if (bigCipher != NULL) + XFREE(bigCipher, NULL, DYNAMIC_TYPE_TMP_BUFFER); + ERROR_OUT(-5947, out); + } +#else byte bigCipher[sizeof(bigMsg)]; byte bigPlain[sizeof(bigMsg)]; - word32 keySz, msgSz; +#endif /* Iterate from one AES_BLOCK_SIZE of bigMsg through the whole * message by AES_BLOCK_SIZE for each size of AES key. */ @@ -8097,33 +8165,53 @@ static int aes_test(void) msgSz <= sizeof(bigMsg); msgSz += AES_BLOCK_SIZE) { - XMEMSET(bigCipher, 0, sizeof(bigCipher)); - XMEMSET(bigPlain, 0, sizeof(bigPlain)); - ret = wc_AesSetKey(&enc, bigKey, keySz, iv, AES_ENCRYPTION); - if (ret != 0) - return -5908; - ret = wc_AesSetKey(&dec, bigKey, keySz, iv, AES_DECRYPTION); - if (ret != 0) - return -5909; + XMEMSET(bigCipher, 0, sizeof(bigMsg)); + XMEMSET(bigPlain, 0, sizeof(bigMsg)); + ret = wc_AesSetKey(enc, bigKey, keySz, iv, AES_ENCRYPTION); + if (ret != 0) { + ret = -5908; + break; + } + ret = wc_AesSetKey(dec, bigKey, keySz, iv, AES_DECRYPTION); + if (ret != 0) { + ret = -5909; + break; + } - ret = wc_AesCbcEncrypt(&enc, bigCipher, bigMsg, msgSz); + ret = wc_AesCbcEncrypt(enc, bigCipher, bigMsg, msgSz); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, enc.asyncDev, WC_ASYNC_FLAG_NONE); #endif - if (ret != 0) - return -5910; + if (ret != 0) { + ret = -5910; + break; + } - ret = wc_AesCbcDecrypt(&dec, bigPlain, bigCipher, msgSz); + ret = wc_AesCbcDecrypt(dec, bigPlain, bigCipher, msgSz); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &dec.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, dec.asyncDev, WC_ASYNC_FLAG_NONE); #endif - if (ret != 0) - return -5911; + if (ret != 0) { + ret = -5911; + break; + } - if (XMEMCMP(bigPlain, bigMsg, msgSz)) - return -5912; + if (XMEMCMP(bigPlain, bigMsg, msgSz)) { + ret = -5912; + break; + } } + if (ret != 0) + break; } + +#ifdef WOLFSSL_SMALL_STACK + XFREE(bigCipher, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(bigPlain, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + + if (ret != 0) + goto out; } #endif /* WOLFSSL_AESNI && HAVE_AES_DECRYPT */ @@ -8148,64 +8236,64 @@ static int aes_test(void) 0x50, 0x86, 0xcb, 0x9b, 0x50, 0x72, 0x19, 0xee, 0x95, 0xdb, 0x11, 0x3a, 0x91, 0x76, 0x78, 0xb2 }; - byte key2[] = { + static const byte key2[] = { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c }; - byte iv2[] = { + static const byte iv2[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }; - ret = wc_AesSetKey(&enc, key2, sizeof(key2), iv2, AES_ENCRYPTION); + ret = wc_AesSetKey(enc, key2, sizeof(key2), iv2, AES_ENCRYPTION); if (ret != 0) - return -5913; + ERROR_OUT(-5913, out); XMEMSET(cipher, 0, AES_BLOCK_SIZE * 2); - ret = wc_AesCbcEncrypt(&enc, cipher, msg2, AES_BLOCK_SIZE); + ret = wc_AesCbcEncrypt(enc, cipher, msg2, AES_BLOCK_SIZE); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, enc.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) - return -5914; + ERROR_OUT(-5914, out); if (XMEMCMP(cipher, verify2, AES_BLOCK_SIZE)) - return -5915; + ERROR_OUT(-5915, out); - ret = wc_AesCbcEncrypt(&enc, cipher + AES_BLOCK_SIZE, + ret = wc_AesCbcEncrypt(enc, cipher + AES_BLOCK_SIZE, msg2 + AES_BLOCK_SIZE, AES_BLOCK_SIZE); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &enc.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, enc.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) - return -5916; + ERROR_OUT(-5916, out); if (XMEMCMP(cipher + AES_BLOCK_SIZE, verify2 + AES_BLOCK_SIZE, AES_BLOCK_SIZE)) - return -5917; + ERROR_OUT(-5917, out); #if defined(HAVE_AES_DECRYPT) - ret = wc_AesSetKey(&dec, key2, sizeof(key2), iv2, AES_DECRYPTION); + ret = wc_AesSetKey(dec, key2, sizeof(key2), iv2, AES_DECRYPTION); if (ret != 0) - return -5918; + ERROR_OUT(-5918, out); XMEMSET(plain, 0, AES_BLOCK_SIZE * 2); - ret = wc_AesCbcDecrypt(&dec, plain, verify2, AES_BLOCK_SIZE); + ret = wc_AesCbcDecrypt(dec, plain, verify2, AES_BLOCK_SIZE); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &dec.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, dec.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) - return -5919; + ERROR_OUT(-5919, out); if (XMEMCMP(plain, msg2, AES_BLOCK_SIZE)) - return -5920; + ERROR_OUT(-5920, out); - ret = wc_AesCbcDecrypt(&dec, plain + AES_BLOCK_SIZE, + ret = wc_AesCbcDecrypt(dec, plain + AES_BLOCK_SIZE, verify2 + AES_BLOCK_SIZE, AES_BLOCK_SIZE); #if defined(WOLFSSL_ASYNC_CRYPT) - ret = wc_AsyncWait(ret, &dec.asyncDev, WC_ASYNC_FLAG_NONE); + ret = wc_AsyncWait(ret, dec.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) - return -5921; + ERROR_OUT(-5921, out); if (XMEMCMP(plain + AES_BLOCK_SIZE, msg2 + AES_BLOCK_SIZE, AES_BLOCK_SIZE)) - return -5922; + ERROR_OUT(-5922, out); #endif /* HAVE_AES_DECRYPT */ } @@ -8304,113 +8392,113 @@ static int aes_test(void) #endif #ifdef WOLFSSL_AES_128 - wc_AesSetKeyDirect(&enc, ctr128Key, sizeof(ctr128Key), + wc_AesSetKeyDirect(enc, ctr128Key, sizeof(ctr128Key), ctrIv, AES_ENCRYPTION); /* Ctr only uses encrypt, even on key setup */ - wc_AesSetKeyDirect(&dec, ctr128Key, sizeof(ctr128Key), + wc_AesSetKeyDirect(dec, ctr128Key, sizeof(ctr128Key), ctrIv, AES_ENCRYPTION); - ret = wc_AesCtrEncrypt(&enc, cipher, ctrPlain, sizeof(ctrPlain)); + ret = wc_AesCtrEncrypt(enc, cipher, ctrPlain, sizeof(ctrPlain)); if (ret != 0) { - return -5923; + ERROR_OUT(-5923, out); } - ret = wc_AesCtrEncrypt(&dec, plain, cipher, sizeof(ctrPlain)); + ret = wc_AesCtrEncrypt(dec, plain, cipher, sizeof(ctrPlain)); if (ret != 0) { - return -5924; + ERROR_OUT(-5924, out); } if (XMEMCMP(plain, ctrPlain, sizeof(ctrPlain))) - return -5925; + ERROR_OUT(-5925, out); if (XMEMCMP(cipher, ctr128Cipher, sizeof(ctr128Cipher))) - return -5926; + ERROR_OUT(-5926, out); /* let's try with just 9 bytes, non block size test */ - wc_AesSetKeyDirect(&enc, ctr128Key, AES_BLOCK_SIZE, + wc_AesSetKeyDirect(enc, ctr128Key, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION); /* Ctr only uses encrypt, even on key setup */ - wc_AesSetKeyDirect(&dec, ctr128Key, AES_BLOCK_SIZE, + wc_AesSetKeyDirect(dec, ctr128Key, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION); - ret = wc_AesCtrEncrypt(&enc, cipher, ctrPlain, sizeof(oddCipher)); + ret = wc_AesCtrEncrypt(enc, cipher, ctrPlain, sizeof(oddCipher)); if (ret != 0) { - return -5927; + ERROR_OUT(-5927, out); } - ret = wc_AesCtrEncrypt(&dec, plain, cipher, sizeof(oddCipher)); + ret = wc_AesCtrEncrypt(dec, plain, cipher, sizeof(oddCipher)); if (ret != 0) { - return -5928; + ERROR_OUT(-5928, out); } if (XMEMCMP(plain, ctrPlain, sizeof(oddCipher))) - return -5929; + ERROR_OUT(-5929, out); if (XMEMCMP(cipher, ctr128Cipher, sizeof(oddCipher))) - return -5930; + ERROR_OUT(-5930, out); /* and an additional 9 bytes to reuse tmp left buffer */ - ret = wc_AesCtrEncrypt(&enc, cipher, ctrPlain, sizeof(oddCipher)); + ret = wc_AesCtrEncrypt(enc, cipher, ctrPlain, sizeof(oddCipher)); if (ret != 0) { - return -5931; + ERROR_OUT(-5931, out); } - ret = wc_AesCtrEncrypt(&dec, plain, cipher, sizeof(oddCipher)); + ret = wc_AesCtrEncrypt(dec, plain, cipher, sizeof(oddCipher)); if (ret != 0) { - return -5932; + ERROR_OUT(-5932, out); } if (XMEMCMP(plain, ctrPlain, sizeof(oddCipher))) - return -5933; + ERROR_OUT(-5933, out); if (XMEMCMP(cipher, oddCipher, sizeof(oddCipher))) - return -5934; + ERROR_OUT(-5934, out); #endif /* WOLFSSL_AES_128 */ #ifdef WOLFSSL_AES_192 /* 192 bit key */ - wc_AesSetKeyDirect(&enc, ctr192Key, sizeof(ctr192Key), + wc_AesSetKeyDirect(enc, ctr192Key, sizeof(ctr192Key), ctrIv, AES_ENCRYPTION); /* Ctr only uses encrypt, even on key setup */ - wc_AesSetKeyDirect(&dec, ctr192Key, sizeof(ctr192Key), + wc_AesSetKeyDirect(dec, ctr192Key, sizeof(ctr192Key), ctrIv, AES_ENCRYPTION); XMEMSET(plain, 0, sizeof(plain)); - ret = wc_AesCtrEncrypt(&enc, plain, ctr192Cipher, sizeof(ctr192Cipher)); + ret = wc_AesCtrEncrypt(enc, plain, ctr192Cipher, sizeof(ctr192Cipher)); if (ret != 0) { - return -5935; + ERROR_OUT(-5935, out); } if (XMEMCMP(plain, ctrPlain, sizeof(ctr192Cipher))) - return -5936; + ERROR_OUT(-5936, out); - ret = wc_AesCtrEncrypt(&dec, cipher, ctrPlain, sizeof(ctrPlain)); + ret = wc_AesCtrEncrypt(dec, cipher, ctrPlain, sizeof(ctrPlain)); if (ret != 0) { - return -5937; + ERROR_OUT(-5937, out); } if (XMEMCMP(ctr192Cipher, cipher, sizeof(ctr192Cipher))) - return -5938; + ERROR_OUT(-5938, out); #endif /* WOLFSSL_AES_192 */ #ifdef WOLFSSL_AES_256 /* 256 bit key */ - wc_AesSetKeyDirect(&enc, ctr256Key, sizeof(ctr256Key), + wc_AesSetKeyDirect(enc, ctr256Key, sizeof(ctr256Key), ctrIv, AES_ENCRYPTION); /* Ctr only uses encrypt, even on key setup */ - wc_AesSetKeyDirect(&dec, ctr256Key, sizeof(ctr256Key), + wc_AesSetKeyDirect(dec, ctr256Key, sizeof(ctr256Key), ctrIv, AES_ENCRYPTION); XMEMSET(plain, 0, sizeof(plain)); - ret = wc_AesCtrEncrypt(&enc, plain, ctr256Cipher, sizeof(ctr256Cipher)); + ret = wc_AesCtrEncrypt(enc, plain, ctr256Cipher, sizeof(ctr256Cipher)); if (ret != 0) { - return -5939; + ERROR_OUT(-5939, out); } if (XMEMCMP(plain, ctrPlain, sizeof(ctrPlain))) - return -5940; + ERROR_OUT(-5940, out); - ret = wc_AesCtrEncrypt(&dec, cipher, ctrPlain, sizeof(ctrPlain)); + ret = wc_AesCtrEncrypt(dec, cipher, ctrPlain, sizeof(ctrPlain)); if (ret != 0) { - return -5941; + ERROR_OUT(-5941, out); } if (XMEMCMP(ctr256Cipher, cipher, sizeof(ctr256Cipher))) - return -5942; + ERROR_OUT(-5942, out); #endif /* WOLFSSL_AES_256 */ } #endif /* WOLFSSL_AES_COUNTER */ @@ -8438,77 +8526,101 @@ static int aes_test(void) }; XMEMSET(cipher, 0, AES_BLOCK_SIZE); - ret = wc_AesSetKey(&enc, niKey, sizeof(niKey), cipher, AES_ENCRYPTION); + ret = wc_AesSetKey(enc, niKey, sizeof(niKey), cipher, AES_ENCRYPTION); if (ret != 0) - return -5943; - wc_AesEncryptDirect(&enc, cipher, niPlain); + ERROR_OUT(-5943, out); + wc_AesEncryptDirect(enc, cipher, niPlain); if (XMEMCMP(cipher, niCipher, AES_BLOCK_SIZE) != 0) - return -5944; + ERROR_OUT(-5944, out); XMEMSET(plain, 0, AES_BLOCK_SIZE); - ret = wc_AesSetKey(&dec, niKey, sizeof(niKey), plain, AES_DECRYPTION); + ret = wc_AesSetKey(dec, niKey, sizeof(niKey), plain, AES_DECRYPTION); if (ret != 0) - return -5945; - wc_AesDecryptDirect(&dec, plain, niCipher); + ERROR_OUT(-5945, out); + wc_AesDecryptDirect(dec, plain, niCipher); if (XMEMCMP(plain, niPlain, AES_BLOCK_SIZE) != 0) - return -5946; + ERROR_OUT(-5946, out); } #endif /* WOLFSSL_AES_DIRECT && WOLFSSL_AES_256 */ ret = aes_key_size_test(); if (ret != 0) - return ret; + goto out; #if defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128) ret = aes_cbc_test(); if (ret != 0) - return ret; + goto out; #endif #if defined(WOLFSSL_AES_XTS) #ifdef WOLFSSL_AES_128 ret = aes_xts_128_test(); if (ret != 0) - return ret; + goto out; #endif #ifdef WOLFSSL_AES_256 ret = aes_xts_256_test(); if (ret != 0) - return ret; + goto out; #endif #if defined(WOLFSSL_AES_128) && defined(WOLFSSL_AES_256) ret = aes_xts_sector_test(); if (ret != 0) - return ret; + goto out; #endif #ifdef WOLFSSL_AES_128 ret = aes_xts_args_test(); if (ret != 0) - return ret; + goto out; #endif #endif #if defined(WOLFSSL_AES_CFB) ret = aescfb_test(); if (ret != 0) - return ret; + goto out; #if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS) ret = aescfb1_test(); if (ret != 0) - return ret; + goto out; ret = aescfb8_test(); if (ret != 0) - return ret; + goto out; #endif #endif + out: #if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_COUNTER) - wc_AesFree(&enc); +#ifdef WOLFSSL_SMALL_STACK + if (enc) { + if (ret != -5900) /* note this must match ERRROR_OUT() code + * for wc_AesInit(enc, ...) failure above. + */ + wc_AesFree(enc); + XFREE(enc, NULL, DYNAMIC_TYPE_TMP_BUFFER); + } +#else + if (ret != -5900) + wc_AesFree(enc); +#endif (void)cipher; #if defined(HAVE_AES_DECRYPT) || defined(WOLFSSL_AES_COUNTER) - wc_AesFree(&dec); +#ifdef WOLFSSL_SMALL_STACK + if (dec) { + if ((ret != -5900) && (ret != -5901)) + /* note these codes must match the ERRROR_OUT() codes for + * wc_AesInit() failures above. + */ + wc_AesFree(dec); + XFREE(dec, NULL, DYNAMIC_TYPE_TMP_BUFFER); + } +#else + if ((ret != -5900) && (ret != -5901)) + wc_AesFree(dec); +#endif (void)plain; #endif #endif @@ -27004,17 +27116,16 @@ typedef struct { } pkcs7AuthEnvelopedVector; -#ifndef WOLFSSL_LINUXKM static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz, byte* rsaPrivKey, word32 rsaPrivKeySz, byte* eccCert, word32 eccCertSz, byte* eccPrivKey, word32 eccPrivKeySz) { - int ret = 0, testSz, i; + int ret = 0, testSz = 0, i; int envelopedSz, decodedSz; - byte *enveloped; - byte *decoded; + byte *enveloped = NULL; + byte *decoded = NULL; WC_RNG rng; PKCS7* pkcs7; #ifdef PKCS7_OUTPUT_TEST_BUNDLES @@ -27027,7 +27138,7 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz, }; byte senderNonce[PKCS7_NONCE_SZ + 2]; #ifdef HAVE_ECC - byte senderNonceOid[] = + static const byte senderNonceOid[] = { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, 0x09, 0x05 }; @@ -27040,20 +27151,20 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz, #if !defined(NO_AES) && defined(WOLFSSL_AES_256) && defined(HAVE_ECC) && \ defined(WOLFSSL_SHA512) - byte optionalUkm[] = { + static const byte optionalUkm[] = { 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07 }; #endif /* NO_AES */ #if !defined(NO_AES) && !defined(NO_SHA) && defined(WOLFSSL_AES_128) /* encryption key for kekri recipient types */ - byte secretKey[] = { + static const byte secretKey[] = { 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07, 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07 }; /* encryption key identifier */ - byte secretKeyId[] = { + static const byte secretKeyId[] = { 0x02,0x02,0x03,0x04 }; #endif @@ -27062,58 +27173,76 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz, !defined(NO_SHA) && defined(WOLFSSL_AES_128) #ifndef HAVE_FIPS - char password[] = "password"; + static const char password[] = "password"; #else - char password[] = "passwordFIPS_MODE"; + static const char password[] = "passwordFIPS_MODE"; #endif - byte salt[] = { + static const byte salt[] = { 0x12, 0x34, 0x56, 0x78, 0x78, 0x56, 0x34, 0x12 }; #endif - const pkcs7AuthEnvelopedVector testVectors[] = + pkcs7AuthEnvelopedVector *testVectors = NULL; + { +#define ADD_PKCS7_TEST_VEC(...) { \ + const pkcs7AuthEnvelopedVector vec = __VA_ARGS__; \ + testVectors = (pkcs7AuthEnvelopedVector *) \ + XREALLOC(testVectors, \ + sizeof *testVectors * (testSz + 1), \ + HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); \ + if (testVectors == NULL) \ + ERROR_OUT(-12233, out); \ + XMEMCPY(&testVectors[testSz++], &vec, sizeof *testVectors); \ + } + /* key transport key encryption technique */ #ifndef NO_RSA #if !defined(NO_AES) && defined(HAVE_AESGCM) #ifdef WOLFSSL_AES_128 + ADD_PKCS7_TEST_VEC( {data, (word32)sizeof(data), DATA, AES128GCMb, 0, 0, rsaCert, rsaCertSz, rsaPrivKey, rsaPrivKeySz, NULL, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0, NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, - 0, 0, "pkcs7authEnvelopedDataAES128GCM.der"}, + 0, 0, "pkcs7authEnvelopedDataAES128GCM.der"}); #endif #ifdef WOLFSSL_AES_192 + ADD_PKCS7_TEST_VEC( {data, (word32)sizeof(data), DATA, AES192GCMb, 0, 0, rsaCert, rsaCertSz, rsaPrivKey, rsaPrivKeySz, NULL, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0, NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, - 0, 0, "pkcs7authEnvelopedDataAES192GCM.der"}, + 0, 0, "pkcs7authEnvelopedDataAES192GCM.der"}); #endif #ifdef WOLFSSL_AES_256 + ADD_PKCS7_TEST_VEC( {data, (word32)sizeof(data), DATA, AES256GCMb, 0, 0, rsaCert, rsaCertSz, rsaPrivKey, rsaPrivKeySz, NULL, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0, NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, - 0, 0, "pkcs7authEnvelopedDataAES256GCM.der"}, + 0, 0, "pkcs7authEnvelopedDataAES256GCM.der"}); /* test with contentType set to FirmwarePkgData */ + ADD_PKCS7_TEST_VEC( {data, (word32)sizeof(data), FIRMWARE_PKG_DATA, AES256GCMb, 0, 0, rsaCert, rsaCertSz, rsaPrivKey, rsaPrivKeySz, NULL, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0, NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 0, 0, - "pkcs7authEnvelopedDataAES256GCM_firmwarePkgData.der"}, + "pkcs7authEnvelopedDataAES256GCM_firmwarePkgData.der"}); /* explicitly using SKID for SubjectKeyIdentifier */ + ADD_PKCS7_TEST_VEC( {data, (word32)sizeof(data), DATA, AES256GCMb, 0, 0, rsaCert, rsaCertSz, rsaPrivKey, rsaPrivKeySz, NULL, 0, NULL, 0, NULL, 0, CMS_SKID, 0, NULL, 0, NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, - 0, 0, 0, 0, 0, "pkcs7authEnvelopedDataAES256GCM_SKID.der"}, + 0, 0, 0, 0, 0, "pkcs7authEnvelopedDataAES256GCM_SKID.der"}); /* explicitly using IssuerAndSerialNumber for SubjectKeyIdentifier */ + ADD_PKCS7_TEST_VEC( {data, (word32)sizeof(data), DATA, AES256GCMb, 0, 0, rsaCert, rsaCertSz, rsaPrivKey, rsaPrivKeySz, NULL, 0, NULL, 0, NULL, 0, CMS_ISSUER_AND_SERIAL_NUMBER, 0, NULL, 0, NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 0, 0, - "pkcs7authEnvelopedDataAES256GCM_IANDS.der"}, + "pkcs7authEnvelopedDataAES256GCM_IANDS.der"}); #endif #endif /* NO_AES */ #endif @@ -27122,72 +27251,80 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz, #ifdef HAVE_ECC #if !defined(NO_AES) && defined(HAVE_AESGCM) #if !defined(NO_SHA) && defined(WOLFSSL_AES_128) + ADD_PKCS7_TEST_VEC( {data, (word32)sizeof(data), DATA, AES128GCMb, AES128_WRAP, dhSinglePass_stdDH_sha1kdf_scheme, eccCert, eccCertSz, eccPrivKey, eccPrivKeySz, NULL, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0, NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 0, 0, - "pkcs7authEnvelopedDataAES128GCM_ECDH_SHA1KDF.der"}, + "pkcs7authEnvelopedDataAES128GCM_ECDH_SHA1KDF.der"}); #endif #if !defined(NO_SHA256) && defined(WOLFSSL_AES_256) + ADD_PKCS7_TEST_VEC( {data, (word32)sizeof(data), DATA, AES256GCMb, AES256_WRAP, dhSinglePass_stdDH_sha256kdf_scheme, eccCert, eccCertSz, eccPrivKey, eccPrivKeySz, NULL, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0, NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 0, 0, - "pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF.der"}, + "pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF.der"}); /* with authenticated attributes */ + ADD_PKCS7_TEST_VEC( {data, (word32)sizeof(data), DATA, AES256GCMb, AES256_WRAP, dhSinglePass_stdDH_sha256kdf_scheme, eccCert, eccCertSz, eccPrivKey, eccPrivKeySz, attribs, (sizeof(attribs) / sizeof(PKCS7Attrib)), NULL, 0, NULL, 0, 0, 0, NULL, 0, NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 0, 0, - "pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_authAttribs.der"}, + "pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_authAttribs.der"}); /* with unauthenticated attributes */ + ADD_PKCS7_TEST_VEC( {data, (word32)sizeof(data), DATA, AES256GCMb, AES256_WRAP, dhSinglePass_stdDH_sha256kdf_scheme, eccCert, eccCertSz, eccPrivKey, eccPrivKeySz, NULL, 0, attribs, (sizeof(attribs) / sizeof(PKCS7Attrib)), NULL, 0, 0, 0, NULL, 0, NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 0, 0, - "pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_unauthAttribs.der"}, + "pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_unauthAttribs.der"}); /* with authenticated AND unauthenticated attributes */ + ADD_PKCS7_TEST_VEC( {data, (word32)sizeof(data), DATA, AES256GCMb, AES256_WRAP, dhSinglePass_stdDH_sha256kdf_scheme, eccCert, eccCertSz, eccPrivKey, eccPrivKeySz, attribs, (sizeof(attribs) / sizeof(PKCS7Attrib)), attribs, (sizeof(attribs) / sizeof(PKCS7Attrib)), NULL, 0, 0, 0, NULL, 0, NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 0, 0, - "pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_bothAttribs.der"}, + "pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_bothAttribs.der"}); /* with authenticated AND unauthenticated attributes AND * contentType of FirmwarePkgData */ + ADD_PKCS7_TEST_VEC( {data, (word32)sizeof(data), FIRMWARE_PKG_DATA, AES256GCMb, AES256_WRAP, dhSinglePass_stdDH_sha256kdf_scheme, eccCert, eccCertSz, eccPrivKey, eccPrivKeySz, attribs, (sizeof(attribs) / sizeof(PKCS7Attrib)), attribs, (sizeof(attribs) / sizeof(PKCS7Attrib)), NULL, 0, 0, 0, NULL, 0, NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 0, 0, - "pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_fw_bothAttribs.der"}, + "pkcs7authEnvelopedDataAES256GCM_ECDH_SHA256KDF_fw_bothAttribs.der"}); #endif /* NO_SHA256 && WOLFSSL_AES_256 */ #if defined(WOLFSSL_SHA512) && defined(WOLFSSL_AES_256) + ADD_PKCS7_TEST_VEC( {data, (word32)sizeof(data), DATA, AES256GCMb, AES256_WRAP, dhSinglePass_stdDH_sha512kdf_scheme, eccCert, eccCertSz, eccPrivKey, eccPrivKeySz, NULL, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0, NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 0, 0, - "pkcs7authEnvelopedDataAES256GCM_ECDH_SHA512KDF.der"}, + "pkcs7authEnvelopedDataAES256GCM_ECDH_SHA512KDF.der"}); /* with optional user keying material (ukm) */ + ADD_PKCS7_TEST_VEC( {data, (word32)sizeof(data), DATA, AES256GCMb, AES256_WRAP, dhSinglePass_stdDH_sha512kdf_scheme, eccCert, eccCertSz, eccPrivKey, - eccPrivKeySz, NULL, 0, NULL, 0, optionalUkm, sizeof(optionalUkm), 0, + eccPrivKeySz, NULL, 0, NULL, 0, (byte *)optionalUkm, sizeof(optionalUkm), 0, 0, NULL, 0, NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 0, 0, - "pkcs7authEnvelopedDataAES256GCM_ECDH_SHA512KDF_ukm.der"}, + "pkcs7authEnvelopedDataAES256GCM_ECDH_SHA512KDF_ukm.der"}); #endif /* WOLFSSL_SHA512 && WOLFSSL_AES_256 */ #endif /* NO_AES */ #endif @@ -27195,35 +27332,38 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz, /* kekri (KEKRecipientInfo) recipient types */ #if !defined(NO_AES) && defined(HAVE_AESGCM) #if !defined(NO_SHA) && defined(WOLFSSL_AES_128) + ADD_PKCS7_TEST_VEC( {data, (word32)sizeof(data), DATA, AES128GCMb, AES128_WRAP, 0, NULL, 0, NULL, 0, NULL, 0, NULL, 0, NULL, 0, 0, 0, - secretKey, sizeof(secretKey), secretKeyId, sizeof(secretKeyId), + (byte *)secretKey, sizeof(secretKey), (byte *)secretKeyId, sizeof(secretKeyId), NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 0, 0, - "pkcs7authEnvelopedDataAES128GCM_KEKRI.der"}, + "pkcs7authEnvelopedDataAES128GCM_KEKRI.der"}); #endif #endif /* pwri (PasswordRecipientInfo) recipient types */ #if !defined(NO_PWDBASED) && !defined(NO_AES) && defined(HAVE_AESGCM) #if !defined(NO_SHA) && defined(WOLFSSL_AES_128) + ADD_PKCS7_TEST_VEC( {data, (word32)sizeof(data), DATA, AES128GCMb, 0, 0, NULL, 0, NULL, 0, NULL, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0, - NULL, 0, NULL, NULL, 0, NULL, 0, 0, password, - (word32)XSTRLEN(password), salt, sizeof(salt), PBKDF2_OID, WC_SHA, 5, - AES128CBCb, 0, 0, 0, "pkcs7authEnvelopedDataAES128GCM_PWRI.der"}, + NULL, 0, NULL, NULL, 0, NULL, 0, 0, (char *)password, + (word32)XSTRLEN(password), (byte *)salt, sizeof(salt), PBKDF2_OID, WC_SHA, 5, + AES128CBCb, 0, 0, 0, "pkcs7authEnvelopedDataAES128GCM_PWRI.der"}); #endif #endif #if !defined(NO_AES) && defined(HAVE_AESGCM) #ifdef WOLFSSL_AES_128 /* ori (OtherRecipientInfo) recipient types */ + ADD_PKCS7_TEST_VEC( {data, (word32)sizeof(data), DATA, AES128GCMb, 0, 0, NULL, 0, NULL, 0, NULL, 0, NULL, 0, NULL, 0, 0, 0, NULL, 0, NULL, 0, NULL, NULL, 0, NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 1, 0, - "pkcs7authEnvelopedDataAES128GCM_ORI.der"}, + "pkcs7authEnvelopedDataAES128GCM_ORI.der"}); #endif #endif - }; + } enveloped = (byte *)XMALLOC(PKCS7_BUF_SIZE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); decoded = (byte *)XMALLOC(PKCS7_BUF_SIZE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -27231,9 +27371,6 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz, ERROR_OUT(-12210, out); } - testSz = sizeof(testVectors) / sizeof(pkcs7AuthEnvelopedVector); - - /* generate senderNonce */ { #ifndef HAVE_FIPS @@ -27510,6 +27647,8 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz, #endif out: + if (testVectors) + XFREE(testVectors, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (enveloped) XFREE(enveloped, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (decoded) @@ -27517,7 +27656,6 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz, return ret; } -#endif /* ! WOLFSSL_LINUXKM */ static int pkcs7authenveloped_test(void) { @@ -27590,12 +27728,10 @@ static int pkcs7authenveloped_test(void) return -12304; } -#ifndef WOLFSSL_LINUXKM ret = pkcs7authenveloped_run_vectors(rsaCert, (word32)rsaCertSz, rsaPrivKey, (word32)rsaPrivKeySz, eccCert, (word32)eccCertSz, eccPrivKey, (word32)eccPrivKeySz); -#endif #ifndef NO_RSA XFREE(rsaCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); diff --git a/wolfssl/test.h b/wolfssl/test.h index af4de0ab4..f3e6ae0be 100644 --- a/wolfssl/test.h +++ b/wolfssl/test.h @@ -2049,7 +2049,7 @@ struct stack_size_debug_context { * * enable with * - * CFLAGS='-g -DHAVE_STACK_SIZE_VERBOSE' ./configure --enable-stacksize [...] + * ./configure --enable-stacksize=verbose [...] */ static void *debug_stack_size_verbose_shim(struct stack_size_debug_context *shim_args) { @@ -2123,12 +2123,24 @@ int StackSizeHWMReset(void) #define STACK_SIZE_CHECKPOINT(...) ({ \ ssize_t HWM = StackSizeHWM_OffsetCorrected(); \ - int _ret = (__VA_ARGS__); \ - printf("relative stack used = %ld\n", HWM); \ - StackSizeHWMReset(); \ - _ret; \ + __VA_ARGS__; \ + printf("relative stack used = %ld\n", HWM); \ + StackSizeHWMReset(); \ }) +#define STACK_SIZE_CHECKPOINT_WITH_MAX_CHECK(max, ...) ({ \ + ssize_t HWM = StackSizeHWM_OffsetCorrected(); \ + __VA_ARGS__; \ + printf("relative stack used = %ld\n", HWM); \ + int _ret = StackSizeHWMReset(); \ + if ((max >= 0) && (HWM > (ssize_t)(max))) { \ + printf("relative stack usage at %s L%d exceeds designated max %ld.\n", __FILE__, __LINE__, (ssize_t)(max)); \ + _ret = -1; \ + } \ + _ret; \ + }) + + #ifdef __GNUC__ #define STACK_SIZE_INIT() (void)StackSizeSetOffset(__FUNCTION__, __builtin_frame_address(0)) #endif @@ -2144,6 +2156,9 @@ static WC_INLINE int StackSizeCheck(func_args* args, thread_func tf) size_t stackSize = 1024*1024; pthread_attr_t myAttr; pthread_t threadId; +#ifdef HAVE_STACK_SIZE_VERBOSE + struct stack_size_debug_context shim_args; +#endif #ifdef PTHREAD_STACK_MIN if (stackSize < PTHREAD_STACK_MIN) @@ -2166,15 +2181,12 @@ static WC_INLINE int StackSizeCheck(func_args* args, thread_func tf) #ifdef HAVE_STACK_SIZE_VERBOSE StackSizeCheck_stackSizeHWM = 0; - { - struct stack_size_debug_context shim_args; - shim_args.myStack = myStack; - shim_args.stackSize = stackSize; - shim_args.stackSizeHWM_ptr = &StackSizeCheck_stackSizeHWM; - shim_args.fn = tf; - shim_args.args = args; - ret = pthread_create(&threadId, &myAttr, (thread_func)debug_stack_size_verbose_shim, (void *)&shim_args); - } + shim_args.myStack = myStack; + shim_args.stackSize = stackSize; + shim_args.stackSizeHWM_ptr = &StackSizeCheck_stackSizeHWM; + shim_args.fn = tf; + shim_args.args = args; + ret = pthread_create(&threadId, &myAttr, (thread_func)debug_stack_size_verbose_shim, (void *)&shim_args); #else ret = pthread_create(&threadId, &myAttr, tf, args); #endif