diff --git a/wolfcrypt/src/evp.c b/wolfcrypt/src/evp.c index 681334441..8be624689 100644 --- a/wolfcrypt/src/evp.c +++ b/wolfcrypt/src/evp.c @@ -4275,23 +4275,39 @@ static int wolfssl_evp_digest_pk_final(WOLFSSL_EVP_MD_CTX *ctx, int ret; if (ctx->isHMAC) { - Hmac hmacCopy; - - if (wolfSSL_HmacCopy(&hmacCopy, &ctx->hash.hmac) != WOLFSSL_SUCCESS) +#ifdef WOLFSSL_SMALL_STACK + Hmac *hmacCopy = (Hmac *)XMALLOC(sizeof(Hmac), NULL, DYNAMIC_TYPE_OPENSSL); + if (hmacCopy == NULL) return WOLFSSL_FAILURE; - ret = wc_HmacFinal(&hmacCopy, md) == 0; - wc_HmacFree(&hmacCopy); +#else + Hmac hmacCopy[1]; +#endif + ret = wolfSSL_HmacCopy(hmacCopy, &ctx->hash.hmac); + if (ret == WOLFSSL_SUCCESS) + ret = wc_HmacFinal(hmacCopy, md) == 0; + wc_HmacFree(hmacCopy); +#ifdef WOLFSSL_SMALL_STACK + XFREE(hmacCopy, NULL, DYNAMIC_TYPE_OPENSSL); +#endif return ret; } else { - WOLFSSL_EVP_MD_CTX ctxCopy; - wolfSSL_EVP_MD_CTX_init(&ctxCopy); - - if (wolfSSL_EVP_MD_CTX_copy_ex(&ctxCopy, ctx) != WOLFSSL_SUCCESS) +#ifdef WOLFSSL_SMALL_STACK + WOLFSSL_EVP_MD_CTX *ctxCopy = (WOLFSSL_EVP_MD_CTX *)XMALLOC(sizeof(WOLFSSL_EVP_MD_CTX), NULL, DYNAMIC_TYPE_OPENSSL); + if (ctxCopy == NULL) return WOLFSSL_FAILURE; +#else + WOLFSSL_EVP_MD_CTX ctxCopy[1]; +#endif + wolfSSL_EVP_MD_CTX_init(ctxCopy); - ret = wolfSSL_EVP_DigestFinal(&ctxCopy, md, mdlen); - wolfSSL_EVP_MD_CTX_cleanup(&ctxCopy); + ret = wolfSSL_EVP_MD_CTX_copy_ex(ctxCopy, ctx); + if (ret == WOLFSSL_SUCCESS) + ret = wolfSSL_EVP_DigestFinal(ctxCopy, md, mdlen); + wolfSSL_EVP_MD_CTX_cleanup(ctxCopy); +#ifdef WOLFSSL_SMALL_STACK + XFREE(ctxCopy, NULL, DYNAMIC_TYPE_OPENSSL); +#endif return ret; } } diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 3057afd3f..10a3cef36 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -22661,9 +22661,19 @@ static wc_test_ret_t openssl_aes_test(void) WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) { wc_test_ret_t ret; - EVP_MD_CTX md_ctx; +#ifdef WOLFSSL_SMALL_STACK + EVP_MD_CTX *md_ctx = (EVP_MD_CTX *)XMALLOC(sizeof(EVP_MD_CTX), NULL, DYNAMIC_TYPE_OPENSSL); +#else + EVP_MD_CTX md_ctx[1]; +#endif testVector a, b, c, d, e, f; byte hash[WC_SHA256_DIGEST_SIZE*2]; /* max size */ + +#ifdef WOLFSSL_SMALL_STACK + if (md_ctx == NULL) + return WC_TEST_RET_ENC_EC(MEMORY_E); +#endif + WOLFSSL_ENTER("openssl_test"); a.inLen = 0; @@ -22697,15 +22707,15 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) a.inLen = XSTRLEN(a.input); a.outLen = WC_MD5_DIGEST_SIZE; - EVP_MD_CTX_init(&md_ctx); - ret = EVP_DigestInit(&md_ctx, EVP_md5()); + EVP_MD_CTX_init(md_ctx); + ret = EVP_DigestInit(md_ctx, EVP_md5()); if (ret == WOLFSSL_SUCCESS) { - ret = EVP_DigestUpdate(&md_ctx, a.input, (unsigned long)a.inLen); + ret = EVP_DigestUpdate(md_ctx, a.input, (unsigned long)a.inLen); } if (ret == WOLFSSL_SUCCESS) { - ret = EVP_DigestFinal(&md_ctx, hash, 0); + ret = EVP_DigestFinal(md_ctx, hash, 0); } - EVP_MD_CTX_cleanup(&md_ctx); + EVP_MD_CTX_cleanup(md_ctx); if (ret != WOLFSSL_SUCCESS) return WC_TEST_RET_ENC_NC; if (XMEMCMP(hash, a.output, WC_MD5_DIGEST_SIZE) != 0) @@ -22721,14 +22731,14 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) b.inLen = XSTRLEN(b.input); b.outLen = WC_SHA_DIGEST_SIZE; - EVP_MD_CTX_init(&md_ctx); - ret = EVP_DigestInit(&md_ctx, EVP_sha1()); + EVP_MD_CTX_init(md_ctx); + ret = EVP_DigestInit(md_ctx, EVP_sha1()); if (ret == WOLFSSL_SUCCESS) { - ret = EVP_DigestUpdate(&md_ctx, b.input, (unsigned long)b.inLen); + ret = EVP_DigestUpdate(md_ctx, b.input, (unsigned long)b.inLen); if (ret == WOLFSSL_SUCCESS) - ret = EVP_DigestFinal(&md_ctx, hash, 0); + ret = EVP_DigestFinal(md_ctx, hash, 0); } - EVP_MD_CTX_cleanup(&md_ctx); + EVP_MD_CTX_cleanup(md_ctx); if (ret != WOLFSSL_SUCCESS) return WC_TEST_RET_ENC_NC; if (XMEMCMP(hash, b.output, b.outLen) != 0) @@ -22743,14 +22753,14 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) e.inLen = XSTRLEN(e.input); e.outLen = WC_SHA224_DIGEST_SIZE; - EVP_MD_CTX_init(&md_ctx); - ret = EVP_DigestInit(&md_ctx, EVP_sha224()); + EVP_MD_CTX_init(md_ctx); + ret = EVP_DigestInit(md_ctx, EVP_sha224()); if (ret == WOLFSSL_SUCCESS) { - ret = EVP_DigestUpdate(&md_ctx, e.input, (unsigned long)e.inLen); + ret = EVP_DigestUpdate(md_ctx, e.input, (unsigned long)e.inLen); if (ret == WOLFSSL_SUCCESS) - ret = EVP_DigestFinal(&md_ctx, hash, 0); + ret = EVP_DigestFinal(md_ctx, hash, 0); } - EVP_MD_CTX_cleanup(&md_ctx); + EVP_MD_CTX_cleanup(md_ctx); if (ret != WOLFSSL_SUCCESS || XMEMCMP(hash, e.output, e.outLen) != 0) { return WC_TEST_RET_ENC_NC; } @@ -22764,14 +22774,14 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) d.inLen = XSTRLEN(d.input); d.outLen = WC_SHA256_DIGEST_SIZE; - EVP_MD_CTX_init(&md_ctx); - ret = EVP_DigestInit(&md_ctx, EVP_sha256()); + EVP_MD_CTX_init(md_ctx); + ret = EVP_DigestInit(md_ctx, EVP_sha256()); if (ret == WOLFSSL_SUCCESS) { - ret = EVP_DigestUpdate(&md_ctx, d.input, (unsigned long)d.inLen); + ret = EVP_DigestUpdate(md_ctx, d.input, (unsigned long)d.inLen); if (ret == WOLFSSL_SUCCESS) - ret = EVP_DigestFinal(&md_ctx, hash, 0); + ret = EVP_DigestFinal(md_ctx, hash, 0); } - EVP_MD_CTX_cleanup(&md_ctx); + EVP_MD_CTX_cleanup(md_ctx); if (ret != WOLFSSL_SUCCESS || XMEMCMP(hash, d.output, d.outLen) != 0) { return WC_TEST_RET_ENC_NC; } @@ -22787,14 +22797,14 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) e.inLen = XSTRLEN(e.input); e.outLen = WC_SHA384_DIGEST_SIZE; - EVP_MD_CTX_init(&md_ctx); - ret = EVP_DigestInit(&md_ctx, EVP_sha384()); + EVP_MD_CTX_init(md_ctx); + ret = EVP_DigestInit(md_ctx, EVP_sha384()); if (ret == WOLFSSL_SUCCESS) { - ret = EVP_DigestUpdate(&md_ctx, e.input, (unsigned long)e.inLen); + ret = EVP_DigestUpdate(md_ctx, e.input, (unsigned long)e.inLen); if (ret == WOLFSSL_SUCCESS) - ret = EVP_DigestFinal(&md_ctx, hash, 0); + ret = EVP_DigestFinal(md_ctx, hash, 0); } - EVP_MD_CTX_cleanup(&md_ctx); + EVP_MD_CTX_cleanup(md_ctx); if (ret != WOLFSSL_SUCCESS || XMEMCMP(hash, e.output, e.outLen) != 0) { return WC_TEST_RET_ENC_NC; } @@ -22811,14 +22821,14 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) f.inLen = XSTRLEN(f.input); f.outLen = WC_SHA512_DIGEST_SIZE; - EVP_MD_CTX_init(&md_ctx); - ret = EVP_DigestInit(&md_ctx, EVP_sha512()); + EVP_MD_CTX_init(md_ctx); + ret = EVP_DigestInit(md_ctx, EVP_sha512()); if (ret == WOLFSSL_SUCCESS) { - ret = EVP_DigestUpdate(&md_ctx, f.input, (unsigned long)f.inLen); + ret = EVP_DigestUpdate(md_ctx, f.input, (unsigned long)f.inLen); if (ret == WOLFSSL_SUCCESS) - ret = EVP_DigestFinal(&md_ctx, hash, 0); + ret = EVP_DigestFinal(md_ctx, hash, 0); } - EVP_MD_CTX_cleanup(&md_ctx); + EVP_MD_CTX_cleanup(md_ctx); if (ret != WOLFSSL_SUCCESS || XMEMCMP(hash, f.output, f.outLen) != 0) { return WC_TEST_RET_ENC_NC; } @@ -22833,14 +22843,14 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) f.inLen = XSTRLEN(f.input); f.outLen = WC_SHA512_224_DIGEST_SIZE; - EVP_MD_CTX_init(&md_ctx); - ret = EVP_DigestInit(&md_ctx, EVP_sha512_224()); + EVP_MD_CTX_init(md_ctx); + ret = EVP_DigestInit(md_ctx, EVP_sha512_224()); if (ret == WOLFSSL_SUCCESS) { - ret = EVP_DigestUpdate(&md_ctx, f.input, (unsigned long)f.inLen); + ret = EVP_DigestUpdate(md_ctx, f.input, (unsigned long)f.inLen); if (ret == WOLFSSL_SUCCESS) - ret = EVP_DigestFinal(&md_ctx, hash, 0); + ret = EVP_DigestFinal(md_ctx, hash, 0); } - EVP_MD_CTX_cleanup(&md_ctx); + EVP_MD_CTX_cleanup(md_ctx); if (ret != WOLFSSL_SUCCESS || XMEMCMP(hash, f.output, f.outLen) != 0) { return WC_TEST_RET_ENC_NC; } @@ -22856,14 +22866,14 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) f.inLen = XSTRLEN(f.input); f.outLen = WC_SHA512_256_DIGEST_SIZE; - EVP_MD_CTX_init(&md_ctx); - ret = EVP_DigestInit(&md_ctx, EVP_sha512_256()); + EVP_MD_CTX_init(md_ctx); + ret = EVP_DigestInit(md_ctx, EVP_sha512_256()); if (ret == WOLFSSL_SUCCESS) { - ret = EVP_DigestUpdate(&md_ctx, f.input, (unsigned long)f.inLen); + ret = EVP_DigestUpdate(md_ctx, f.input, (unsigned long)f.inLen); if (ret == WOLFSSL_SUCCESS) - ret = EVP_DigestFinal(&md_ctx, hash, 0); + ret = EVP_DigestFinal(md_ctx, hash, 0); } - EVP_MD_CTX_cleanup(&md_ctx); + EVP_MD_CTX_cleanup(md_ctx); if (ret != WOLFSSL_SUCCESS || XMEMCMP(hash, f.output, f.outLen) != 0) { return WC_TEST_RET_ENC_NC; } @@ -22879,14 +22889,14 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) e.inLen = XSTRLEN(e.input); e.outLen = WC_SHA3_224_DIGEST_SIZE; - EVP_MD_CTX_init(&md_ctx); - ret = EVP_DigestInit(&md_ctx, EVP_sha3_224()); + EVP_MD_CTX_init(md_ctx); + ret = EVP_DigestInit(md_ctx, EVP_sha3_224()); if (ret == WOLFSSL_SUCCESS) { - ret = EVP_DigestUpdate(&md_ctx, e.input, (unsigned long)e.inLen); + ret = EVP_DigestUpdate(md_ctx, e.input, (unsigned long)e.inLen); if (ret == WOLFSSL_SUCCESS) - ret = EVP_DigestFinal(&md_ctx, hash, 0); + ret = EVP_DigestFinal(md_ctx, hash, 0); } - EVP_MD_CTX_cleanup(&md_ctx); + EVP_MD_CTX_cleanup(md_ctx); if (ret != WOLFSSL_SUCCESS || XMEMCMP(hash, e.output, e.outLen) != 0) { return WC_TEST_RET_ENC_NC; } @@ -22901,14 +22911,14 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) d.inLen = XSTRLEN(d.input); d.outLen = WC_SHA3_256_DIGEST_SIZE; - EVP_MD_CTX_init(&md_ctx); - ret = EVP_DigestInit(&md_ctx, EVP_sha3_256()); + EVP_MD_CTX_init(md_ctx); + ret = EVP_DigestInit(md_ctx, EVP_sha3_256()); if (ret == WOLFSSL_SUCCESS) { - ret = EVP_DigestUpdate(&md_ctx, d.input, (unsigned long)d.inLen); + ret = EVP_DigestUpdate(md_ctx, d.input, (unsigned long)d.inLen); if (ret == WOLFSSL_SUCCESS) - ret = EVP_DigestFinal(&md_ctx, hash, 0); + ret = EVP_DigestFinal(md_ctx, hash, 0); } - EVP_MD_CTX_cleanup(&md_ctx); + EVP_MD_CTX_cleanup(md_ctx); if (ret != WOLFSSL_SUCCESS || XMEMCMP(hash, d.output, d.outLen) != 0) { return WC_TEST_RET_ENC_NC; } @@ -22923,14 +22933,14 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) e.inLen = XSTRLEN(e.input); e.outLen = WC_SHA3_384_DIGEST_SIZE; - EVP_MD_CTX_init(&md_ctx); - ret = EVP_DigestInit(&md_ctx, EVP_sha3_384()); + EVP_MD_CTX_init(md_ctx); + ret = EVP_DigestInit(md_ctx, EVP_sha3_384()); if (ret == WOLFSSL_SUCCESS) { - ret = EVP_DigestUpdate(&md_ctx, e.input, (unsigned long)e.inLen); + ret = EVP_DigestUpdate(md_ctx, e.input, (unsigned long)e.inLen); if (ret == WOLFSSL_SUCCESS) - ret = EVP_DigestFinal(&md_ctx, hash, 0); + ret = EVP_DigestFinal(md_ctx, hash, 0); } - EVP_MD_CTX_cleanup(&md_ctx); + EVP_MD_CTX_cleanup(md_ctx); if (ret != WOLFSSL_SUCCESS || XMEMCMP(hash, e.output, e.outLen) != 0) { return WC_TEST_RET_ENC_NC; } @@ -22946,14 +22956,14 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) f.inLen = XSTRLEN(f.input); f.outLen = WC_SHA3_512_DIGEST_SIZE; - EVP_MD_CTX_init(&md_ctx); - ret = EVP_DigestInit(&md_ctx, EVP_sha3_512()); + EVP_MD_CTX_init(md_ctx); + ret = EVP_DigestInit(md_ctx, EVP_sha3_512()); if (ret == WOLFSSL_SUCCESS) { - ret = EVP_DigestUpdate(&md_ctx, f.input, (unsigned long)f.inLen); + ret = EVP_DigestUpdate(md_ctx, f.input, (unsigned long)f.inLen); if (ret == WOLFSSL_SUCCESS) - ret = EVP_DigestFinal(&md_ctx, hash, 0); + ret = EVP_DigestFinal(md_ctx, hash, 0); } - EVP_MD_CTX_cleanup(&md_ctx); + EVP_MD_CTX_cleanup(md_ctx); if (ret != WOLFSSL_SUCCESS || XMEMCMP(hash, f.output, f.outLen) != 0) { return WC_TEST_RET_ENC_NC; @@ -22961,6 +22971,11 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) #endif /* WOLFSSL_NOSHA3_512 */ #endif /* WOLFSSL_SHA3 */ +#ifdef WOLFSSL_SMALL_STACK + XFREE(md_ctx, NULL, DYNAMIC_TYPE_OPENSSL); + md_ctx = NULL; +#endif + #ifndef WC_NO_RNG if (RAND_bytes(hash, sizeof(hash)) != WOLFSSL_SUCCESS) return WC_TEST_RET_ENC_NC;