Merge pull request #5341 from dgarske/various_20220708

Various fixes and cleanups
2025-08-01 03:34:39 +02:00 · 2022-07-08 13:56:51 -06:00
parent 56325143f1 720030b5a9
commit 66aed8193a
5 changed files with 33 additions and 20 deletions
--- a/cyassl/ssl.h
+++ b/cyassl/ssl.h
@@ -700,7 +700,9 @@
 * wrapper around macros until they are changed in cyassl code
 * needs investigation in regards to macros in fips
 */
-#define NO_WOLFSSL_ALLOC_ALIGN NO_CYASSL_ALLOC_ALIGN /* @TODO */
+#ifdef NO_CYASSL_ALLOC_ALIGN
+#define NO_WOLFSSL_ALLOC_ALIGN NO_CYASSL_ALLOC_ALIGN
+#endif


 /* examples/client/client.h */
--- a/src/pk.c
+++ b/src/pk.c
@@ -10375,7 +10375,7 @@ WOLFSSL_ECDSA_SIG *wolfSSL_ECDSA_do_sign(const unsigned char *d, int dlen,
            }
        }
        else {
-            WOLFSSL_MSG("wc_ecc_sign_hash_ex failed");
+            WOLFSSL_MSG("wc_ecc_sign_hash failed");
        }
    }

--- a/src/ssl.c
+++ b/src/ssl.c
@@ -13548,32 +13548,43 @@ ClientSession* AddSessionToClientCache(int side, int row, int idx, byte* serverI
            clientRow = HashSession(sessionID,
                    ID_LEN, &error) % CLIENT_SESSION_ROWS;
        }
-        else
+        else {
            error = -1;
+        }
        if (error == 0 && wc_LockMutex(&clisession_mutex) == 0) {
-            clientIdx = ClientCache[clientRow].nextIdx++;
-            ClientCache[clientRow].Clients[clientIdx].serverRow =
-                                                            (word16)row;
-            ClientCache[clientRow].Clients[clientIdx].serverIdx =
-                                                            (word16)idx;
-            if (sessionID != NULL) {
-                sessionIDHash = HashSession(sessionID, ID_LEN, &error);
-                if (error == 0) {
-                    ClientCache[clientRow].Clients[clientIdx].sessionIDHash
-                        = sessionIDHash;
+            clientIdx = ClientCache[clientRow].nextIdx;
+            if (clientIdx < CLIENT_SESSIONS_PER_ROW) {
+                ClientCache[clientRow].Clients[clientIdx].serverRow =
+                                                                (word16)row;
+                ClientCache[clientRow].Clients[clientIdx].serverIdx =
+                                                                (word16)idx;
+                if (sessionID != NULL) {
+                    sessionIDHash = HashSession(sessionID, ID_LEN, &error);
+                    if (error == 0) {
+                        ClientCache[clientRow].Clients[clientIdx].sessionIDHash
+                            = sessionIDHash;
+                    }
                }
            }
+            else {
+                error = -1;
+                ClientCache[clientRow].nextIdx = 0; /* reset index as saftey */
+                WOLFSSL_MSG("Invalid client cache index! "
+                            "Possible corrupted memory");
+            }
            if (error == 0) {
                WOLFSSL_MSG("Adding client cache entry");
                if (ClientCache[clientRow].totalCount < CLIENT_SESSIONS_PER_ROW)
                    ClientCache[clientRow].totalCount++;
+                ClientCache[clientRow].nextIdx++;
                ClientCache[clientRow].nextIdx %= CLIENT_SESSIONS_PER_ROW;
            }

            wc_UnLockMutex(&clisession_mutex);
        }
        else {
-            WOLFSSL_MSG("Hash session failed");
+            WOLFSSL_MSG("Hash session or lock failed");
+            error = -1;
        }
    }
    else {
--- a/wolfcrypt/src/ecc.c
+++ b/wolfcrypt/src/ecc.c
@@ -4308,8 +4308,6 @@ static int wc_ecc_shared_secret_gen_sync(ecc_key* private_key, ecc_point* point,
 #endif
 #endif

-    WOLFSSL_ENTER("wc_ecc_shared_secret_gen_sync");
-
 #ifdef HAVE_ECC_CDH
    /* if cofactor flag has been set */
    if (private_key->flags & WC_ECC_FLAG_COFACTOR) {
@@ -4464,8 +4462,6 @@ static int wc_ecc_shared_secret_gen_sync(ecc_key* private_key, ecc_point* point,
 #endif
 #endif

-    WOLFSSL_LEAVE("wc_ecc_shared_secret_gen_sync", err);
-
    return err;
 }

@@ -4650,8 +4646,6 @@ int wc_ecc_shared_secret_ex(ecc_key* private_key, ecc_point* point,

    RESTORE_VECTOR_REGISTERS();

-    WOLFSSL_LEAVE("wc_ecc_shared_secret_ex", err);
-
    /* if async pending then return and skip done cleanup below */
    if (err == WC_PENDING_E) {
        private_key->state++;
--- a/wolfcrypt/src/hmac.c
+++ b/wolfcrypt/src/hmac.c
@@ -57,6 +57,7 @@
 #ifdef WOLFSSL_KCAPI_HMAC
    #include <wolfssl/wolfcrypt/port/kcapi/kcapi_hmac.h>

+    /* map the _Software calls used by kcapi_hmac.c */
    #define wc_HmacSetKey  wc_HmacSetKey_Software
    #define wc_HmacUpdate  wc_HmacUpdate_Software
    #define wc_HmacFinal   wc_HmacFinal_Software
@@ -994,6 +995,11 @@ int wc_HmacFinal(Hmac* hmac, byte* hash)
 #ifdef WOLFSSL_KCAPI_HMAC
    /* implemented in wolfcrypt/src/port/kcapi/kcapi_hmac.c */

+    /* unmap the _Software calls used by kcapi_hmac.c */
+    #undef wc_HmacSetKey
+    #undef wc_HmacUpdate
+    #undef wc_HmacFinal
+
 #else
 /* Initialize Hmac for use with async device */
 int wc_HmacInit(Hmac* hmac, void* heap, int devId)