From 508cda43a288d9488a5be3e7ebfa4183e730e74f Mon Sep 17 00:00:00 2001 From: David Garske Date: Wed, 13 Mar 2019 12:14:43 -0700 Subject: [PATCH 1/5] Fix for asynchronous build memory macros, which broke due to PR #2026. --- wolfssl/wolfcrypt/types.h | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/wolfssl/wolfcrypt/types.h b/wolfssl/wolfcrypt/types.h index 1a421ec1a7..fea9673dff 100644 --- a/wolfssl/wolfcrypt/types.h +++ b/wolfssl/wolfcrypt/types.h @@ -317,8 +317,11 @@ XFREE(VAR_NAME[idx##VAR_NAME], (HEAP), DYNAMIC_TYPE_WOLF_BIGINT); \ } - #define DECLARE_ARRAY_DYNAMIC DECLARE_ARRAY - #define FREE_ARRAY_DYNAMIC FREE_ARRAY + #define DECLARE_ARRAY_DYNAMIC_DEC(VAR_NAME, VAR_TYPE, VAR_ITEMS, VAR_SIZE, HEAP) \ + DECLARE_ARRAY(VAR_NAME, VAR_TYPE, VAR_ITEMS, VAR_SIZE, HEAP) + #define DECLARE_ARRAY_DYNAMIC_EXE(VAR_NAME, VAR_TYPE, VAR_ITEMS, VAR_SIZE, HEAP) + #define FREE_ARRAY_DYNAMIC(VAR_NAME, VAR_ITEMS, HEAP) \ + FREE_ARRAY(VAR_NAME, VAR_ITEMS, HEAP) #else #define DECLARE_VAR(VAR_NAME, VAR_TYPE, VAR_SIZE, HEAP) \ VAR_TYPE VAR_NAME[VAR_SIZE] @@ -331,7 +334,7 @@ #define DECLARE_ARRAY_DYNAMIC_DEC(VAR_NAME, VAR_TYPE, VAR_ITEMS, VAR_SIZE, HEAP) \ VAR_TYPE* VAR_NAME[VAR_ITEMS]; \ - int idx##VAR_NAME; + int idx##VAR_NAME; #define DECLARE_ARRAY_DYNAMIC_EXE(VAR_NAME, VAR_TYPE, VAR_ITEMS, VAR_SIZE, HEAP) \ for (idx##VAR_NAME=0; idx##VAR_NAME Date: Wed, 13 Mar 2019 22:59:00 -0700 Subject: [PATCH 2/5] Fixes to resolve async crash (using stack pointer after return) due to 16-bit fixes in PR #2133 (commit 700eca45664bf06310a155012e8f4d853d744aef). Revert to using the "unsigned int" length directly for word32 but cast it. --- src/internal.c | 26 +++++++++----------------- src/tls13.c | 9 ++++----- 2 files changed, 13 insertions(+), 22 deletions(-) diff --git a/src/internal.c b/src/internal.c index 3a73f2f62c..4a276c6e3f 100644 --- a/src/internal.c +++ b/src/internal.c @@ -19839,7 +19839,6 @@ int SendClientKeyExchange(WOLFSSL* ssl) #ifndef NO_DH case diffie_hellman_kea: { - word32 sigLen; ssl->buffers.sig.length = ENCRYPT_LEN; ssl->buffers.sig.buffer = (byte*)XMALLOC(ENCRYPT_LEN, ssl->heap, DYNAMIC_TYPE_SIGNATURE); @@ -19883,13 +19882,11 @@ int SendClientKeyExchange(WOLFSSL* ssl) } /* for DH, encSecret is Yc, agree is pre-master */ - sigLen = ssl->buffers.sig.length; ret = DhGenKeyPair(ssl, ssl->buffers.serverDH_Key, - ssl->buffers.sig.buffer, &sigLen, + ssl->buffers.sig.buffer, (word32*)&ssl->buffers.sig.length, args->encSecret, &args->encSz); /* set the max agree result size */ - ssl->buffers.sig.length = (unsigned int)sigLen; ssl->arrays->preMasterSz = ENCRYPT_LEN; break; } @@ -20001,7 +19998,7 @@ int SendClientKeyExchange(WOLFSSL* ssl) /* for DH, encSecret is Yc, agree is pre-master */ ret = DhGenKeyPair(ssl, ssl->buffers.serverDH_Key, - ssl->buffers.sig.buffer, &ssl->buffers.sig.length, + ssl->buffers.sig.buffer, (word32*)&ssl->buffers.sig.length, args->output + OPAQUE16_LEN, &args->length); break; } @@ -20907,11 +20904,10 @@ int SendCertificateVerify(WOLFSSL* ssl) #ifdef HAVE_ECC if (ssl->hsType == DYNAMIC_TYPE_ECC) { ecc_key* key = (ecc_key*)ssl->hsKey; - word32 sigLen = ssl->buffers.sig.length; ret = EccSign(ssl, ssl->buffers.digest.buffer, ssl->buffers.digest.length, - ssl->buffers.sig.buffer, &sigLen, + ssl->buffers.sig.buffer, (word32*)&ssl->buffers.sig.length, key, #ifdef HAVE_PK_CALLBACKS ssl->buffers.key @@ -20919,7 +20915,6 @@ int SendCertificateVerify(WOLFSSL* ssl) NULL #endif ); - ssl->buffers.sig.length = (unsigned int)sigLen; } #endif /* HAVE_ECC */ #if defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH) @@ -20928,7 +20923,7 @@ int SendCertificateVerify(WOLFSSL* ssl) ret = Ed25519Sign(ssl, ssl->hsHashes->messages, ssl->hsHashes->length, - ssl->buffers.sig.buffer, &ssl->buffers.sig.length, + ssl->buffers.sig.buffer, (word32*)&ssl->buffers.sig.length, key, #ifdef HAVE_PK_CALLBACKS ssl->buffers.key @@ -20936,6 +20931,7 @@ int SendCertificateVerify(WOLFSSL* ssl) NULL #endif ); + ssl->buffers.sig.length = (unsigned int)args->sigSz; } #endif /* HAVE_ED25519 && !NO_ED25519_CLIENT_AUTH */ #ifndef NO_RSA @@ -21715,8 +21711,6 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, case diffie_hellman_kea: #endif { - word32 dhPrivLen, dhPubLen; - /* Allocate DH key buffers and generate key */ if (ssl->buffers.serverDH_P.buffer == NULL || ssl->buffers.serverDH_G.buffer == NULL) { @@ -21783,13 +21777,11 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, } } - dhPrivLen = ssl->buffers.serverDH_Priv.length; - dhPubLen = ssl->buffers.serverDH_Pub.length; ret = DhGenKeyPair(ssl, ssl->buffers.serverDH_Key, - ssl->buffers.serverDH_Priv.buffer, &dhPrivLen, - ssl->buffers.serverDH_Pub.buffer, &dhPubLen); - ssl->buffers.serverDH_Priv.length = (unsigned int)dhPrivLen; - ssl->buffers.serverDH_Pub.length = (unsigned int)dhPubLen; + ssl->buffers.serverDH_Priv.buffer, + (word32*)&ssl->buffers.serverDH_Priv.length, + ssl->buffers.serverDH_Pub.buffer, + (word32*)&ssl->buffers.serverDH_Pub.length); break; } #endif /* !NO_DH && (!NO_PSK || !NO_RSA) */ diff --git a/src/tls13.c b/src/tls13.c index cc795dd674..989a1a53d2 100644 --- a/src/tls13.c +++ b/src/tls13.c @@ -5395,17 +5395,16 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl) { #ifdef HAVE_ECC if (ssl->hsType == DYNAMIC_TYPE_ECC) { - word32 sigLen = sig->length; + ret = EccSign(ssl, args->sigData, args->sigDataSz, args->verify + HASH_SIG_SIZE + VERIFY_HEADER, - &sigLen, (ecc_key*)ssl->hsKey, + (word32*)&sig->length, (ecc_key*)ssl->hsKey, #ifdef HAVE_PK_CALLBACKS ssl->buffers.key #else NULL #endif ); - sig->length = (unsigned int)sigLen; args->length = (word16)sig->length; } #endif /* HAVE_ECC */ @@ -5413,14 +5412,14 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl) if (ssl->hsType == DYNAMIC_TYPE_ED25519) { ret = Ed25519Sign(ssl, args->sigData, args->sigDataSz, args->verify + HASH_SIG_SIZE + VERIFY_HEADER, - &sig->length, (ed25519_key*)ssl->hsKey, + (word32*)&sig->length, (ed25519_key*)ssl->hsKey, #ifdef HAVE_PK_CALLBACKS ssl->buffers.key #else NULL #endif ); - args->length = sig->length; + args->length = (word16)sig->length; } #endif #ifndef NO_RSA From d19c37de2e373c332107574203529cbfa88658ca Mon Sep 17 00:00:00 2001 From: David Garske Date: Wed, 13 Mar 2019 22:59:50 -0700 Subject: [PATCH 3/5] Fix for example client arg `-4` not working. --- examples/client/client.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/examples/client/client.c b/examples/client/client.c index afd55800a3..4cc53bf391 100644 --- a/examples/client/client.c +++ b/examples/client/client.c @@ -1506,7 +1506,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) while ((ch = mygetopt(argc, argv, "?:" "ab:c:defgh:ijk:l:mnop:q:rstuv:wxyz" "A:B:CDE:F:GH:IJKL:M:NO:PQRS:TUVW:XYZ:" - "01:23:5")) != -1) { + "01:23:45")) != -1) { switch (ch) { case '?' : if(myoptarg!=NULL) { @@ -1930,6 +1930,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) forceScr = 1; resumeScr = 1; #endif + break; case '5' : #ifdef HAVE_TRUSTED_CA From 397c2a4f8aac05514d07ab706aae0d2b1abe29b7 Mon Sep 17 00:00:00 2001 From: David Garske Date: Wed, 13 Mar 2019 23:03:00 -0700 Subject: [PATCH 4/5] Fix for `SetNameFromCert` not used when building with `--disable-filesystem`. --- wolfcrypt/src/asn.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 089aa27993..c4487b4a65 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -12990,6 +12990,8 @@ static void SetNameFromDcert(CertName* cn, DecodedCert* decoded) } } +#ifndef NO_FILESYSTEM + /* Set cn name from der buffer, return 0 on success */ static int SetNameFromCert(CertName* cn, const byte* der, int derSz) { @@ -13029,8 +13031,6 @@ static int SetNameFromCert(CertName* cn, const byte* der, int derSz) return ret < 0 ? ret : 0; } -#ifndef NO_FILESYSTEM - /* Set cert issuer from issuerFile in PEM */ int wc_SetIssuer(Cert* cert, const char* issuerFile) { From 6361ec2f102bb55cf462ee564f6b24173d566ab8 Mon Sep 17 00:00:00 2001 From: David Garske Date: Wed, 13 Mar 2019 23:32:53 -0700 Subject: [PATCH 5/5] Fix for AES GCM and CCM ex to NOT increment counter or update IV if failure or async response code. Resolves TLS v1.3 with async simulator. --- src/internal.c | 1 - wolfcrypt/src/aes.c | 9 ++++++--- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/src/internal.c b/src/internal.c index 4a276c6e3f..9d6b30d73d 100644 --- a/src/internal.c +++ b/src/internal.c @@ -20931,7 +20931,6 @@ int SendCertificateVerify(WOLFSSL* ssl) NULL #endif ); - ssl->buffers.sig.length = (unsigned int)args->sigSz; } #endif /* HAVE_ED25519 && !NO_ED25519_CLIENT_AUTH */ #ifndef NO_RSA diff --git a/wolfcrypt/src/aes.c b/wolfcrypt/src/aes.c index a4f3d08cd8..37356a7f05 100644 --- a/wolfcrypt/src/aes.c +++ b/wolfcrypt/src/aes.c @@ -6061,7 +6061,8 @@ int wc_AesGcmEncrypt_ex(Aes* aes, byte* out, const byte* in, word32 sz, (byte*)aes->reg, ivOutSz, authTag, authTagSz, authIn, authInSz); - IncCtr((byte*)aes->reg, ivOutSz); + if (ret == 0) + IncCtr((byte*)aes->reg, ivOutSz); } return ret; @@ -6534,8 +6535,10 @@ int wc_AesCcmEncrypt_ex(Aes* aes, byte* out, const byte* in, word32 sz, (byte*)aes->reg, aes->nonceSz, authTag, authTagSz, authIn, authInSz); - XMEMCPY(ivOut, aes->reg, aes->nonceSz); - IncCtr((byte*)aes->reg, aes->nonceSz); + if (ret == 0) { + XMEMCPY(ivOut, aes->reg, aes->nonceSz); + IncCtr((byte*)aes->reg, aes->nonceSz); + } } return ret;