Merge pull request #10647 from philljj/misc_fixes

Misc wolfcrypt fixes
This commit is contained in:
David Garske
2026-06-12 09:13:26 -07:00
committed by GitHub
6 changed files with 47 additions and 5 deletions
+7 -3
View File
@@ -547,7 +547,8 @@ int test_wc_DsaExportKeyRaw(void)
WC_RNG rng;
byte xOut[MAX_DSA_PARAM_SIZE];
byte yOut[MAX_DSA_PARAM_SIZE];
word32 xOutSz, yOutSz;
word32 xOutSz = sizeof(xOut);
word32 yOutSz = sizeof(yOut);
XMEMSET(&key, 0, sizeof(key));
XMEMSET(&rng, 0, sizeof(rng));
@@ -555,11 +556,14 @@ int test_wc_DsaExportKeyRaw(void)
ExpectIntEQ(wc_InitDsaKey(&key), 0);
ExpectIntEQ(wc_InitRng(&rng), 0);
ExpectIntEQ(wc_MakeDsaParameters(&rng, 1024, &key), 0);
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || FIPS_VERSION3_GE(7,0,0))
/* export before make key should return error. */
ExpectIntEQ(wc_DsaExportKeyRaw(&key, xOut, &xOutSz, yOut, &yOutSz),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
#endif /* !HAVE_SELFTEST && (!HAVE_FIPS || FIPS_VERSION3_GE(7,0,0)) */
ExpectIntEQ(wc_MakeDsaKey(&rng, &key), 0);
/* try successful export */
xOutSz = sizeof(xOut);
yOutSz = sizeof(yOut);
ExpectIntEQ(wc_DsaExportKeyRaw(&key, xOut, &xOutSz, yOut, &yOutSz), 0);
/* test bad args */
+27
View File
@@ -305,6 +305,13 @@ int test_wc_Md5HmacUpdate(void)
b.inLen = XSTRLEN(b.input);
ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
#if !defined(WOLFSSL_KCAPI_HMAC) && !defined(HAVE_SELFTEST) && \
(!defined(HAVE_FIPS) || FIPS_VERSION3_GE(7,0,0))
/* update before setkey results in err. */
ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
#endif /* !WOLFSSL_KCAPI_HMAC && !HAVE_SELFTEST && \
(!HAVE_FIPS || FIPS_VERSION3_GE(7,0,0)) */
ExpectIntEQ(wc_HmacSetKey(&hmac, WC_MD5, (byte*)keys,
(word32)XSTRLEN(keys)), 0);
ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen), 0);
@@ -346,6 +353,11 @@ int test_wc_ShaHmacUpdate(void)
b.inLen = XSTRLEN(b.input);
ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || FIPS_VERSION3_GE(7,0,0))
/* update before setkey results in err. */
ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
#endif /* !HAVE_SELFTEST && (!HAVE_FIPS || FIPS_VERSION3_GE(7,0,0)) */
ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA, (byte*)keys,
(word32)XSTRLEN(keys)), 0);
ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen), 0);
@@ -387,6 +399,11 @@ int test_wc_Sha224HmacUpdate(void)
b.inLen = XSTRLEN(b.input);
ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || FIPS_VERSION3_GE(7,0,0))
/* update before setkey results in err. */
ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
#endif /* !HAVE_SELFTEST && (!HAVE_FIPS || FIPS_VERSION3_GE(7,0,0)) */
ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA224, (byte*)keys,
(word32)XSTRLEN(keys)), 0);
ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen), 0);
@@ -428,6 +445,11 @@ int test_wc_Sha256HmacUpdate(void)
b.inLen = XSTRLEN(b.input);
ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || FIPS_VERSION3_GE(7,0,0))
/* update before setkey results in err. */
ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
#endif /* !HAVE_SELFTEST && (!HAVE_FIPS || FIPS_VERSION3_GE(7,0,0)) */
ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA256, (byte*)keys,
(word32)XSTRLEN(keys)), 0);
ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen), 0);
@@ -469,6 +491,11 @@ int test_wc_Sha384HmacUpdate(void)
b.inLen = XSTRLEN(b.input);
ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || FIPS_VERSION3_GE(7,0,0))
/* update before setkey results in err. */
ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
#endif /* !HAVE_SELFTEST && (!HAVE_FIPS || FIPS_VERSION3_GE(7,0,0)) */
ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA384, (byte*)keys,
(word32)XSTRLEN(keys)), 0);
ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen), 0);
+5
View File
@@ -723,6 +723,11 @@ int wc_DsaExportKeyRaw(DsaKey* dsa, byte* x, word32* xSz, byte* y, word32* ySz)
if (x == NULL || y == NULL)
return BAD_FUNC_ARG;
/* check we have a key to export */
if (mp_iszero(&dsa->x) && mp_iszero(&dsa->y)) {
return BAD_FUNC_ARG;
}
/* export x */
if (*xSz < xLen) {
WOLFSSL_MSG("Output buffer for DSA private key (x) too small, "
+3 -1
View File
@@ -9848,8 +9848,10 @@ static int ECC_populate_EVP_PKEY(WOLFSSL_EVP_PKEY* pkey, WOLFSSL_EC_KEY *key)
pkey->pkey.ptr = (char*)derBuf;
if ((derSz = wc_EccPublicKeyToDer(ecc, derBuf, (word32)derSz,
1)) < 0) {
XFREE(derBuf, NULL, DYNAMIC_TYPE_OPENSSL);
XFREE(derBuf, pkey->heap, DYNAMIC_TYPE_OPENSSL);
derBuf = NULL;
pkey->pkey.ptr = NULL;
pkey->pkey_sz = 0;
}
}
}
+3 -1
View File
@@ -368,6 +368,7 @@ static int HmacKeyCopyHash(byte macType, wc_HmacHash* src, wc_HmacHash* dst)
#endif
default:
ret = BAD_FUNC_ARG;
break;
}
@@ -475,6 +476,7 @@ static int HmacKeyHashUpdate(byte macType, wc_HmacHash* hash, byte* pad)
#endif
default:
ret = BAD_FUNC_ARG;
break;
}
@@ -1020,7 +1022,6 @@ int wc_HmacUpdate(Hmac* hmac, const byte* msg, word32 length)
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
/* fall-through when unavailable */
ret = 0; /* reset error code */
}
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_HMAC)
@@ -1135,6 +1136,7 @@ int wc_HmacUpdate(Hmac* hmac, const byte* msg, word32 length)
#endif
default:
ret = BAD_FUNC_ARG;
break;
}
+2
View File
@@ -777,7 +777,9 @@ int wc_PKCS12_PBKDF_ex(byte* output, const byte* passwd, int passLen,
#endif
}
ForceZero(B, WC_MAX_BLOCK_SIZE);
WC_FREE_VAR_EX(B, heap, DYNAMIC_TYPE_TMP_BUFFER);
ForceZero(buffer, totalLen);
if (buffer != staticBuffer) {
XFREE(buffer, heap, DYNAMIC_TYPE_KEY);
}