wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-30 18:57:27 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #8881 from douzzer/20250615-heapmath-FREE_MP_INT_SIZE

Browse Source 
20250615-heapmath-FREE_MP_INT_SIZE
This commit is contained in:
David Garske
2025-06-16 11:46:12 -07:00
committed by GitHub
parent 5151a2297a d5ce9744a4
commit 842e2366e3
3 changed files with 58 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
.wolfssl_known_macro_extras
View File

@ -87,7 +87,6 @@ CONFIG_ESP_TLS_USING_WOLFSSL
CONFIG_ESP_WIFI_PASSWORD CONFIG_ESP_WIFI_PASSWORD
CONFIG_ESP_WIFI_SSID CONFIG_ESP_WIFI_SSID
CONFIG_ESP_WOLFSSL_ENABLE_KYBER CONFIG_ESP_WOLFSSL_ENABLE_KYBER
CONFIG_ESP_WOLFSSL_ENABLE_MLKEM
CONFIG_ESP_WOLFSSL_ENABLE_WOLFSSH CONFIG_ESP_WOLFSSL_ENABLE_WOLFSSH
CONFIG_ESP_WOLFSSL_NO_ESP32_CRYPT CONFIG_ESP_WOLFSSL_NO_ESP32_CRYPT
CONFIG_ESP_WOLFSSL_NO_HW_AES CONFIG_ESP_WOLFSSL_NO_HW_AES
@ -287,7 +286,6 @@ IOTSAFE_NO_GETDATA
IOTSAFE_SIG_8BIT_LENGTH IOTSAFE_SIG_8BIT_LENGTH
KCAPI_USE_XMALLOC KCAPI_USE_XMALLOC
K_SERIES K_SERIES
LIBWOLFSSL_CMAKE_OUTPUT
LIBWOLFSSL_VERSION_GIT_BRANCH LIBWOLFSSL_VERSION_GIT_BRANCH
LIBWOLFSSL_VERSION_GIT_HASH LIBWOLFSSL_VERSION_GIT_HASH
LIBWOLFSSL_VERSION_GIT_HASH_DATE LIBWOLFSSL_VERSION_GIT_HASH_DATE
@ -460,7 +458,6 @@ SHOW_CERTS
SHOW_GEN SHOW_GEN
SHOW_SIZES SHOW_SIZES
SHOW_SSID_AND_PASSWORD SHOW_SSID_AND_PASSWORD
SHOW_WOLFSSL_BUNDLE_ERROR
SIM_SCGC3_RNGA_MASK SIM_SCGC3_RNGA_MASK
SIM_SCGC5_PORTC_MASK SIM_SCGC5_PORTC_MASK
SIM_SCGC5_PORTD_MASK SIM_SCGC5_PORTD_MASK
@ -682,7 +679,6 @@ WOLFSSL_EDDSA_CHECK_PRIV_ON_SIGN
WOLFSSL_EMNET WOLFSSL_EMNET
WOLFSSL_ESPWROOM32 WOLFSSL_ESPWROOM32
WOLFSSL_EVP_PRINT WOLFSSL_EVP_PRINT
WOLFSSL_EXPERIMENTAL_SETTINGS
WOLFSSL_EXPORT_INT WOLFSSL_EXPORT_INT
WOLFSSL_EXPORT_SPC_SZ WOLFSSL_EXPORT_SPC_SZ
WOLFSSL_EXTRA WOLFSSL_EXTRA
@ -699,7 +695,6 @@ WOLFSSL_HARDEN_TLS_ALLOW_OLD_TLS
WOLFSSL_HARDEN_TLS_ALLOW_TRUNCATED_HMAC WOLFSSL_HARDEN_TLS_ALLOW_TRUNCATED_HMAC
WOLFSSL_HARDEN_TLS_NO_PKEY_CHECK WOLFSSL_HARDEN_TLS_NO_PKEY_CHECK
WOLFSSL_HARDEN_TLS_NO_SCR_CHECK WOLFSSL_HARDEN_TLS_NO_SCR_CHECK
WOLFSSL_HAVE_MLKEM
WOLFSSL_HOSTNAME_VERIFY_ALT_NAME_ONLY WOLFSSL_HOSTNAME_VERIFY_ALT_NAME_ONLY
WOLFSSL_I2D_ECDSA_SIG_ALLOC WOLFSSL_I2D_ECDSA_SIG_ALLOC
WOLFSSL_IAR_ARM_TIME WOLFSSL_IAR_ARM_TIME
@ -712,9 +707,6 @@ WOLFSSL_IMXRT_DCP
WOLFSSL_ISOTP WOLFSSL_ISOTP
WOLFSSL_KEIL WOLFSSL_KEIL
WOLFSSL_KEIL_NET WOLFSSL_KEIL_NET
WOLFSSL_KYBER1024
WOLFSSL_KYBER512
WOLFSSL_KYBER768
WOLFSSL_KYBER_NO_DECAPSULATE WOLFSSL_KYBER_NO_DECAPSULATE
WOLFSSL_KYBER_NO_ENCAPSULATE WOLFSSL_KYBER_NO_ENCAPSULATE
WOLFSSL_KYBER_NO_MAKE_KEY WOLFSSL_KYBER_NO_MAKE_KEY
@ -737,7 +729,6 @@ WOLFSSL_MLKEM_MAKEKEY_SMALL_MEM
WOLFSSL_MLKEM_NO_LARGE_CODE WOLFSSL_MLKEM_NO_LARGE_CODE
WOLFSSL_MLKEM_NO_MALLOC WOLFSSL_MLKEM_NO_MALLOC
WOLFSSL_MLKEM_NTT_UNROLL WOLFSSL_MLKEM_NTT_UNROLL
WOLFSSL_ML_KEM_USE_OLD_IDS
WOLFSSL_MONT_RED_CT WOLFSSL_MONT_RED_CT
WOLFSSL_MP_COND_COPY WOLFSSL_MP_COND_COPY
WOLFSSL_MP_INVMOD_CONSTANT_TIME WOLFSSL_MP_INVMOD_CONSTANT_TIME
@ -768,9 +759,6 @@ WOLFSSL_NO_KCAPI_HMAC_SHA256
WOLFSSL_NO_KCAPI_HMAC_SHA384 WOLFSSL_NO_KCAPI_HMAC_SHA384
WOLFSSL_NO_KCAPI_HMAC_SHA512 WOLFSSL_NO_KCAPI_HMAC_SHA512
WOLFSSL_NO_KCAPI_SHA224 WOLFSSL_NO_KCAPI_SHA224
WOLFSSL_NO_ML_KEM_1024
WOLFSSL_NO_ML_KEM_512
WOLFSSL_NO_ML_KEM_768
WOLFSSL_NO_OCSP_DATE_CHECK WOLFSSL_NO_OCSP_DATE_CHECK
WOLFSSL_NO_OCSP_ISSUER_CHAIN_CHECK WOLFSSL_NO_OCSP_ISSUER_CHAIN_CHECK
WOLFSSL_NO_OCSP_OPTIONAL_CERTS WOLFSSL_NO_OCSP_OPTIONAL_CERTS
@ -833,8 +821,6 @@ WOLFSSL_SERVER_EXAMPLE
WOLFSSL_SETTINGS_FILE WOLFSSL_SETTINGS_FILE
WOLFSSL_SH224 WOLFSSL_SH224
WOLFSSL_SHA256_ALT_CH_MAJ WOLFSSL_SHA256_ALT_CH_MAJ
WOLFSSL_SHAKE128
WOLFSSL_SHAKE256
WOLFSSL_SHUTDOWNONCE WOLFSSL_SHUTDOWNONCE
WOLFSSL_SILABS_TRNG WOLFSSL_SILABS_TRNG
WOLFSSL_SM4_EBC WOLFSSL_SM4_EBC
@ -876,7 +862,6 @@ WOLFSSL_USE_FLASHMEM
WOLFSSL_USE_OPTIONS_H WOLFSSL_USE_OPTIONS_H
WOLFSSL_USE_POPEN_HOST WOLFSSL_USE_POPEN_HOST
WOLFSSL_VALIDATE_DH_KEYGEN WOLFSSL_VALIDATE_DH_KEYGEN
WOLFSSL_WC_MLKEM
WOLFSSL_WC_XMSS_NO_SHA256 WOLFSSL_WC_XMSS_NO_SHA256
WOLFSSL_WC_XMSS_NO_SHAKE256 WOLFSSL_WC_XMSS_NO_SHAKE256
WOLFSSL_WICED_PSEUDO_UNIX_EPOCH_TIME WOLFSSL_WICED_PSEUDO_UNIX_EPOCH_TIME

66
linuxkm/lkcapi_sha_glue.c
View File

@ -414,7 +414,7 @@ WC_MAYBE_UNUSED static int sha3_test_once(void) {
#define WC_LINUXKM_SHA_IMPLEMENT(name, digest_size, block_size, \ #define WC_LINUXKM_SHA_IMPLEMENT(name, digest_size, block_size, \
this_cra_name, this_cra_driver_name, \ this_cra_name, this_cra_driver_name, \
init_f, update_f, final_f, \ init_f, update_f, final_f, \
test_routine) \ free_f, test_routine) \
\ \
\ \
static int km_ ## name ## _init(struct shash_desc *desc) { \ static int km_ ## name ## _init(struct shash_desc *desc) { \
@ -436,8 +436,10 @@ static int km_ ## name ## _update(struct shash_desc *desc, const u8 *data, \
\ \
if (ret == 0) \ if (ret == 0) \
return 0; \ return 0; \
else \ else { \
free_f(&ctx-> name ## _state); \
return -EINVAL; \ return -EINVAL; \
} \
} \ } \
\ \
static int km_ ## name ## _final(struct shash_desc *desc, u8 *out) { \ static int km_ ## name ## _final(struct shash_desc *desc, u8 *out) { \
@ -445,6 +447,8 @@ static int km_ ## name ## _final(struct shash_desc *desc, u8 *out) { \
\ \
int ret = final_f(&ctx-> name ## _state, out); \ int ret = final_f(&ctx-> name ## _state, out); \
\ \
free_f(&ctx-> name ## _state); \
\
if (ret == 0) \ if (ret == 0) \
return 0; \ return 0; \
else \ else \
@ -458,8 +462,10 @@ static int km_ ## name ## _finup(struct shash_desc *desc, const u8 *data, \
\ \
int ret = update_f(&ctx-> name ## _state, data, len); \ int ret = update_f(&ctx-> name ## _state, data, len); \
\ \
if (ret != 0) \ if (ret != 0) { \
free_f(&ctx-> name ## _state); \
return -EINVAL; \ return -EINVAL; \
} \
\ \
return km_ ## name ## _final(desc, out); \ return km_ ## name ## _final(desc, out); \
} \ } \
@ -510,7 +516,7 @@ struct wc_swallow_the_semicolon
#define WC_LINUXKM_SHA3_IMPLEMENT(name, digest_size, block_size, \ #define WC_LINUXKM_SHA3_IMPLEMENT(name, digest_size, block_size, \
this_cra_name, this_cra_driver_name, \ this_cra_name, this_cra_driver_name, \
init_f, update_f, final_f, \ init_f, update_f, final_f, \
test_routine) \ free_f, test_routine) \
\ \
\ \
static int km_ ## name ## _init(struct shash_desc *desc) { \ static int km_ ## name ## _init(struct shash_desc *desc) { \
@ -537,6 +543,7 @@ static int km_ ## name ## _update(struct shash_desc *desc, const u8 *data, \
if (ret == 0) \ if (ret == 0) \
return 0; \ return 0; \
else { \ else { \
free_f(ctx-> name ## _state); \
km_sha3_free_tstate(ctx); \ km_sha3_free_tstate(ctx); \
return -EINVAL; \ return -EINVAL; \
} \ } \
@ -547,6 +554,7 @@ static int km_ ## name ## _final(struct shash_desc *desc, u8 *out) { \
\ \
int ret = final_f(ctx-> name ## _state, out); \ int ret = final_f(ctx-> name ## _state, out); \
\ \
free_f(ctx-> name ## _state); \
km_sha3_free_tstate(ctx); \ km_sha3_free_tstate(ctx); \
if (ret == 0) \ if (ret == 0) \
return 0; \ return 0; \
@ -561,8 +569,10 @@ static int km_ ## name ## _finup(struct shash_desc *desc, const u8 *data, \
\ \
int ret = update_f(ctx-> name ## _state, data, len); \ int ret = update_f(ctx-> name ## _state, data, len); \
\ \
if (ret != 0) \ if (ret != 0) { \
free_f(ctx-> name ## _state); \
return -EINVAL; \ return -EINVAL; \
} \
\ \
return km_ ## name ## _final(desc, out); \ return km_ ## name ## _final(desc, out); \
} \ } \
@ -613,63 +623,63 @@ struct wc_swallow_the_semicolon
WC_LINUXKM_SHA_IMPLEMENT(sha1, WC_SHA_DIGEST_SIZE, WC_SHA_BLOCK_SIZE, WC_LINUXKM_SHA_IMPLEMENT(sha1, WC_SHA_DIGEST_SIZE, WC_SHA_BLOCK_SIZE,
WOLFKM_SHA1_NAME, WOLFKM_SHA1_DRIVER, WOLFKM_SHA1_NAME, WOLFKM_SHA1_DRIVER,
wc_InitSha, wc_ShaUpdate, wc_ShaFinal, wc_InitSha, wc_ShaUpdate, wc_ShaFinal,
sha_test); wc_ShaFree, sha_test);
#endif #endif
#ifdef LINUXKM_LKCAPI_REGISTER_SHA2_224 #ifdef LINUXKM_LKCAPI_REGISTER_SHA2_224
WC_LINUXKM_SHA_IMPLEMENT(sha2_224, WC_SHA224_DIGEST_SIZE, WC_SHA224_BLOCK_SIZE, WC_LINUXKM_SHA_IMPLEMENT(sha2_224, WC_SHA224_DIGEST_SIZE, WC_SHA224_BLOCK_SIZE,
WOLFKM_SHA2_224_NAME, WOLFKM_SHA2_224_DRIVER, WOLFKM_SHA2_224_NAME, WOLFKM_SHA2_224_DRIVER,
wc_InitSha224, wc_Sha224Update, wc_Sha224Final, wc_InitSha224, wc_Sha224Update, wc_Sha224Final,
sha224_test); wc_Sha224Free, sha224_test);
#endif #endif
#ifdef LINUXKM_LKCAPI_REGISTER_SHA2_256 #ifdef LINUXKM_LKCAPI_REGISTER_SHA2_256
WC_LINUXKM_SHA_IMPLEMENT(sha2_256, WC_SHA256_DIGEST_SIZE, WC_SHA256_BLOCK_SIZE, WC_LINUXKM_SHA_IMPLEMENT(sha2_256, WC_SHA256_DIGEST_SIZE, WC_SHA256_BLOCK_SIZE,
WOLFKM_SHA2_256_NAME, WOLFKM_SHA2_256_DRIVER, WOLFKM_SHA2_256_NAME, WOLFKM_SHA2_256_DRIVER,
wc_InitSha256, wc_Sha256Update, wc_Sha256Final, wc_InitSha256, wc_Sha256Update, wc_Sha256Final,
sha256_test); wc_Sha256Free, sha256_test);
#endif #endif
#ifdef LINUXKM_LKCAPI_REGISTER_SHA2_384 #ifdef LINUXKM_LKCAPI_REGISTER_SHA2_384
WC_LINUXKM_SHA_IMPLEMENT(sha2_384, WC_SHA384_DIGEST_SIZE, WC_SHA384_BLOCK_SIZE, WC_LINUXKM_SHA_IMPLEMENT(sha2_384, WC_SHA384_DIGEST_SIZE, WC_SHA384_BLOCK_SIZE,
WOLFKM_SHA2_384_NAME, WOLFKM_SHA2_384_DRIVER, WOLFKM_SHA2_384_NAME, WOLFKM_SHA2_384_DRIVER,
wc_InitSha384, wc_Sha384Update, wc_Sha384Final, wc_InitSha384, wc_Sha384Update, wc_Sha384Final,
sha384_test); wc_Sha384Free, sha384_test);
#endif #endif
#ifdef LINUXKM_LKCAPI_REGISTER_SHA2_512 #ifdef LINUXKM_LKCAPI_REGISTER_SHA2_512
WC_LINUXKM_SHA_IMPLEMENT(sha2_512, WC_SHA512_DIGEST_SIZE, WC_SHA512_BLOCK_SIZE, WC_LINUXKM_SHA_IMPLEMENT(sha2_512, WC_SHA512_DIGEST_SIZE, WC_SHA512_BLOCK_SIZE,
WOLFKM_SHA2_512_NAME, WOLFKM_SHA2_512_DRIVER, WOLFKM_SHA2_512_NAME, WOLFKM_SHA2_512_DRIVER,
wc_InitSha512, wc_Sha512Update, wc_Sha512Final, wc_InitSha512, wc_Sha512Update, wc_Sha512Final,
sha512_test); wc_Sha512Free, sha512_test);
#endif #endif
#ifdef LINUXKM_LKCAPI_REGISTER_SHA3_224 #ifdef LINUXKM_LKCAPI_REGISTER_SHA3_224
WC_LINUXKM_SHA3_IMPLEMENT(sha3_224, WC_SHA3_224_DIGEST_SIZE, WC_SHA3_224_BLOCK_SIZE, WC_LINUXKM_SHA3_IMPLEMENT(sha3_224, WC_SHA3_224_DIGEST_SIZE, WC_SHA3_224_BLOCK_SIZE,
WOLFKM_SHA3_224_NAME, WOLFKM_SHA3_224_DRIVER, WOLFKM_SHA3_224_NAME, WOLFKM_SHA3_224_DRIVER,
wc_InitSha3_224, wc_Sha3_224_Update, wc_Sha3_224_Final, wc_InitSha3_224, wc_Sha3_224_Update, wc_Sha3_224_Final,
sha3_test_once); wc_Sha3_224_Free, sha3_test_once);
#endif #endif
#ifdef LINUXKM_LKCAPI_REGISTER_SHA3_256 #ifdef LINUXKM_LKCAPI_REGISTER_SHA3_256
WC_LINUXKM_SHA3_IMPLEMENT(sha3_256, WC_SHA3_256_DIGEST_SIZE, WC_SHA3_256_BLOCK_SIZE, WC_LINUXKM_SHA3_IMPLEMENT(sha3_256, WC_SHA3_256_DIGEST_SIZE, WC_SHA3_256_BLOCK_SIZE,
WOLFKM_SHA3_256_NAME, WOLFKM_SHA3_256_DRIVER, WOLFKM_SHA3_256_NAME, WOLFKM_SHA3_256_DRIVER,
wc_InitSha3_256, wc_Sha3_256_Update, wc_Sha3_256_Final, wc_InitSha3_256, wc_Sha3_256_Update, wc_Sha3_256_Final,
sha3_test_once); wc_Sha3_256_Free, sha3_test_once);
#endif #endif
#ifdef LINUXKM_LKCAPI_REGISTER_SHA3_384 #ifdef LINUXKM_LKCAPI_REGISTER_SHA3_384
WC_LINUXKM_SHA3_IMPLEMENT(sha3_384, WC_SHA3_384_DIGEST_SIZE, WC_SHA3_384_BLOCK_SIZE, WC_LINUXKM_SHA3_IMPLEMENT(sha3_384, WC_SHA3_384_DIGEST_SIZE, WC_SHA3_384_BLOCK_SIZE,
WOLFKM_SHA3_384_NAME, WOLFKM_SHA3_384_DRIVER, WOLFKM_SHA3_384_NAME, WOLFKM_SHA3_384_DRIVER,
wc_InitSha3_384, wc_Sha3_384_Update, wc_Sha3_384_Final, wc_InitSha3_384, wc_Sha3_384_Update, wc_Sha3_384_Final,
sha3_test_once); wc_Sha3_384_Free, sha3_test_once);
#endif #endif
#ifdef LINUXKM_LKCAPI_REGISTER_SHA3_512 #ifdef LINUXKM_LKCAPI_REGISTER_SHA3_512
WC_LINUXKM_SHA3_IMPLEMENT(sha3_512, WC_SHA3_512_DIGEST_SIZE, WC_SHA3_512_BLOCK_SIZE, WC_LINUXKM_SHA3_IMPLEMENT(sha3_512, WC_SHA3_512_DIGEST_SIZE, WC_SHA3_512_BLOCK_SIZE,
WOLFKM_SHA3_512_NAME, WOLFKM_SHA3_512_DRIVER, WOLFKM_SHA3_512_NAME, WOLFKM_SHA3_512_DRIVER,
wc_InitSha3_512, wc_Sha3_512_Update, wc_Sha3_512_Final, wc_InitSha3_512, wc_Sha3_512_Update, wc_Sha3_512_Final,
sha3_test_once); wc_Sha3_512_Free, sha3_test_once);
#endif #endif
struct km_sha_hmac_pstate { struct km_sha_hmac_pstate {
@ -700,6 +710,7 @@ WC_MAYBE_UNUSED static int linuxkm_hmac_setkey_common(struct crypto_shash *tfm,
} }
WC_MAYBE_UNUSED static void km_hmac_free_tstate(struct km_sha_hmac_state *t_ctx) { WC_MAYBE_UNUSED static void km_hmac_free_tstate(struct km_sha_hmac_state *t_ctx) {
wc_HmacFree(t_ctx->wc_hmac);
free(t_ctx->wc_hmac); free(t_ctx->wc_hmac);
t_ctx->wc_hmac = NULL; t_ctx->wc_hmac = NULL;
} }
@ -731,6 +742,33 @@ WC_MAYBE_UNUSED static int km_hmac_init(struct shash_desc *desc) {
XMEMCPY(t_ctx->wc_hmac, &p_ctx->wc_hmac, sizeof *t_ctx->wc_hmac); XMEMCPY(t_ctx->wc_hmac, &p_ctx->wc_hmac, sizeof *t_ctx->wc_hmac);
#ifdef WOLFSSL_SMALL_STACK_CACHE
/* The cached W buffer from the persistent ctx can't be used because it
* would be double-freed, first by km_hmac_free_tstate(), then by
* km_hmac_exit_tfm().
*/
switch (t_ctx->wc_hmac->macType) {
#ifndef NO_SHA256
case WC_SHA256:
#ifdef WOLFSSL_SHA224
case WC_SHA224:
#endif
t_ctx->wc_hmac->hash.sha256.W = NULL;
break;
#endif /* WOLFSSL_SHA256 */
#ifdef WOLFSSL_SHA512
case WC_SHA512:
#ifdef WOLFSSL_SHA384
case WC_SHA384:
#endif
t_ctx->wc_hmac->hash.sha512.W = NULL;
break;
#endif /* WOLFSSL_SHA512 */
}
#endif /* WOLFSSL_SMALL_STACK_CACHE */
return 0; return 0;
} }

7
wolfssl/wolfcrypt/integer.h
View File

@ -205,7 +205,12 @@ typedef int mp_err;
#define NEW_MP_INT_SIZE(name, bits, heap, type) \ #define NEW_MP_INT_SIZE(name, bits, heap, type) \
XMEMSET(name, 0, sizeof(mp_int)) XMEMSET(name, 0, sizeof(mp_int))
/* Dispose of static mp_int. */ /* Dispose of static mp_int. */
#define FREE_MP_INT_SIZE(name, heap, type) WC_DO_NOTHING #define FREE_MP_INT_SIZE(name, heap, type) \
do { \
if ((name) != NULL) { \
mp_free(name); \
} \
} while (0)
/* Initialize an mp_int. */ /* Initialize an mp_int. */
#define INIT_MP_INT_SIZE(name, bits) \ #define INIT_MP_INT_SIZE(name, bits) \
mp_init(name) mp_init(name)