Add fixes along the review commnents.

2025-07-31 11:17:29 +02:00 · 2021-03-16 11:55:18 +09:00
parent da75a4f803
commit 9fd8fde714
4 changed files with 100 additions and 127 deletions
--- a/wolfcrypt/src/coding.c
+++ b/wolfcrypt/src/coding.c
@ -113,7 +113,8 @@ static WC_INLINE byte Base64_Char2Val(byte c)
 }
 #endif

-static WC_INLINE int Base64_SkipNewline(const byte* in, word32 *inLen, word32 *outJ)
+int Base64_SkipNewline(const byte* in, word32 *inLen,
+  word32 *outJ)
 {
    word32 len = *inLen;
    word32 j = *outJ;
--- a/wolfcrypt/src/evp.c
+++ b/wolfcrypt/src/evp.c
@ -6880,26 +6880,20 @@ int wolfSSL_EVP_get_hashinfo(const WOLFSSL_EVP_MD* evp,

 /* Base64 encoding APIs */
 #if defined(WOLFSSL_BASE64_ENCODE) || defined(WOLFSSL_BASE64_DECODE)
-static struct WOLFSSL_EVP_ENCODE_CTX* wolfSSL_EVP_ENCODE_CTX_new_ex(void* heap);
+
 /*  wolfSSL_EVP_ENCODE_CTX_new allocates WOLFSSL_EVP_ENCODE_CTX
 *  Returns WOLFSSL_EVP_ENCODE_CTX structure on success, NULL on failure.
 */
 struct WOLFSSL_EVP_ENCODE_CTX* wolfSSL_EVP_ENCODE_CTX_new(void)
-{
-    return wolfSSL_EVP_ENCODE_CTX_new_ex(NULL);
-}
-/* wolfSSL_EVP_ENCODE_CTX_new_ex is a helper function of
- * wolfSSL_EVP_ENCODE_CTX_new to allocate WOLFSSL_EVP_ENCODE_CTX structure.
- */
-static struct WOLFSSL_EVP_ENCODE_CTX* wolfSSL_EVP_ENCODE_CTX_new_ex(void* heap)
 {
    WOLFSSL_EVP_ENCODE_CTX* ctx = NULL;
    WOLFSSL_ENTER("wolfSSL_EVP_ENCODE_CTX_new");
-    ctx = (WOLFSSL_EVP_ENCODE_CTX*)XMALLOC( sizeof(WOLFSSL_EVP_ENCODE_CTX),heap,DYNAMIC_TYPE_OPENSSL );
+    ctx = (WOLFSSL_EVP_ENCODE_CTX*)XMALLOC( sizeof(WOLFSSL_EVP_ENCODE_CTX),
+             NULL, DYNAMIC_TYPE_OPENSSL );

    if (ctx != NULL) {
        XMEMSET(ctx, 0, sizeof(WOLFSSL_EVP_ENCODE_CTX) );
-        ctx->heap = heap;
+        ctx->heap = NULL;
        return ctx;
    }
    return NULL;
@ -6915,7 +6909,7 @@ void wolfSSL_EVP_ENCODE_CTX_free(WOLFSSL_EVP_ENCODE_CTX* ctx)
 }
 #endif /* WOLFSSL_BASE64_ENCODE || WOLFSSL_BASE64_DECODE */
 #if defined(WOLFSSL_BASE64_ENCODE)
-/*  wolfSSL_EVP_EncodeInit initializes specified WOLFSSL_EVP_ENCODE_CTX ojbect
+/*  wolfSSL_EVP_EncodeInit initializes specified WOLFSSL_EVP_ENCODE_CTX object
 *  for the subsequent wolfSSL_EVP_EncodeUpdate.
 */
 void wolfSSL_EVP_EncodeInit(WOLFSSL_EVP_ENCODE_CTX* ctx)
@ -6928,8 +6922,8 @@ void wolfSSL_EVP_EncodeInit(WOLFSSL_EVP_ENCODE_CTX* ctx)
        XMEMSET(ctx->data, 0, sizeof(ctx->data));
    }
 }
-/*  wolfSSL_EVP_EncodeUpdate encodes the input data in 64-byte units
- *  and outputs it to out. If less than 64 bytes of data remain, save it in
+/*  wolfSSL_EVP_EncodeUpdate encodes the input data in 48-byte units
+ *  and outputs it to out. If less than 48 bytes of data remain, save it in
 *  ctx. The data given in the subsequent wolfSSL_EVP_EncodeUpdate
 *  is combined with the data stored in CTX and used for encoding.
 *  Returns 1 on success, 0 on error.
@ -6948,7 +6942,9 @@ int  wolfSSL_EVP_EncodeUpdate(WOLFSSL_EVP_ENCODE_CTX* ctx,

    *outl = 0;

-    /* if the remaining data exit in the ctx, add input data to them to create a block(48bytes) for encoding*/
+    /* if the remaining data exit in the ctx, add input data to them 
+     * to create a block(48bytes) for encoding
+     */
    if (ctx->remaining > 0 && inl > 0) {
        cpysz = min((BASE64_ENCODE_BLOCK_SIZE - ctx->remaining), inl);
        XMEMCPY(ctx->data + ctx->remaining, in, cpysz);
@ -6960,7 +6956,8 @@ int  wolfSSL_EVP_EncodeUpdate(WOLFSSL_EVP_ENCODE_CTX* ctx,
        if (ctx->remaining >= BASE64_ENCODE_BLOCK_SIZE) {
            /* Base64_Encode asks the out buff size via the 4th param*/
            outsz = BASE64_ENCODED_BLOCK_SIZE + 1;
-            res = Base64_Encode(ctx->data, BASE64_ENCODE_BLOCK_SIZE, out, &outsz);
+            res = Base64_Encode(ctx->data, BASE64_ENCODE_BLOCK_SIZE, out, 
+            &outsz);
            if (res == 0)
                *outl = outsz;
            else
@ -6972,7 +6969,9 @@ int  wolfSSL_EVP_EncodeUpdate(WOLFSSL_EVP_ENCODE_CTX* ctx,
            return  1;
        }
    }
-    /* Here, there is no data left in ctx, so try processing the data of the specified input data.  */
+    /* Here, there is no data left in ctx, so try processing the data of 
+     * the specified input data.
+     */

    while (inl >= BASE64_ENCODE_BLOCK_SIZE) {
        outsz = BASE64_ENCODED_BLOCK_SIZE + 1;   /* 64 byte and one for LF*/
@ -7030,37 +7029,7 @@ void wolfSSL_EVP_EncodeFinal(WOLFSSL_EVP_ENCODE_CTX* ctx,
 }
 #endif /* WOLFSSL_BASE64_ENCODE */
 #if defined(WOLFSSL_BASE64_DECODE)
-/* borrowed from coding.c */
-static WC_INLINE int Base64_SkipNewline(const byte* in, word32* inLen,
-             word32* outJ)
-{
-    word32 len = *inLen;
-    word32 j = *outJ;
-    if (len && (in[j] == ' ' || in[j] == '\r' || in[j] == '\n')) {
-        byte endLine = in[j++];
-        len--;
-        while (len && endLine == ' ') {   /* allow trailing whitespace */
-            endLine = in[j++];
-            len--;
-        }
-        if (endLine == '\r') {
-            if (len) {
-                endLine = in[j++];
-                len--;
-            }
-        }
-        if (endLine != '\n') {
-            WOLFSSL_MSG("Bad end of line in Base64 Decode");
-            return ASN_INPUT_E;
-        }
-    }
-    if (!len) {
-        return BUFFER_E;
-    }
-    *inLen = len;
-    *outJ = j;
-    return 0;
-}
+
 /*  wolfSSL_EVP_DecodeInit initializes specified WOLFSSL_EVP_ENCODE_CTX struct
 *  for subsequent wolfSSL_EVP_DecodeUpdate.
 */
@ -7089,7 +7058,11 @@ int  wolfSSL_EVP_DecodeUpdate(WOLFSSL_EVP_ENCODE_CTX* ctx,
    int    res;
    int    pad = 0;
    int    i;
-    char es;
+    int cpySz;
+    unsigned char c;
+    int pad3 = 0;
+    int pad4 = 0;
+    byte e[4];

    WOLFSSL_ENTER("wolfSSL_EVP_DecodeUpdate");

@ -7112,24 +7085,22 @@ int  wolfSSL_EVP_DecodeUpdate(WOLFSSL_EVP_ENCODE_CTX* ctx,
    /* if the remaining data exist in the ctx, add input data to them to create
    a block(4bytes) for decoding*/
    if ( ctx->remaining > 0 && inl > 0) {
-        int cpysz;
-        unsigned char e0;

-        cpysz = min( (BASE64_DECODE_BLOCK_SIZE - ctx->remaining), inl );
+        cpySz = min((BASE64_DECODE_BLOCK_SIZE - ctx->remaining), inl);

-        for ( i = 0; cpysz > 0 && inLen > 0;i++) {
+        for ( i = 0; cpySz > 0 && inLen > 0; i++) {
            if ((res = Base64_SkipNewline(in, &inLen, &j))
                                            == ASN_INPUT_E) {
                return -1;  /* detected an illegal char in input */
            }
-            e0 = in[j++];
+            c = in[j++];

-            if (e0 == '=')
+            if (c == '=')
                pad = 1;

-            *(ctx->data + ctx->remaining + i) = e0;
+            *(ctx->data + ctx->remaining + i) = c;
            inLen--;
-            cpysz--;
+            cpySz--;
        }

        outsz = sizeof(ctx->data);
@ -7149,11 +7120,6 @@ int  wolfSSL_EVP_DecodeUpdate(WOLFSSL_EVP_ENCODE_CTX* ctx,

    /* process data in input buffer */
    while (inLen > 3) {
-        int pad3 = 0;
-        int pad4 = 0;
-
-        byte e[4];
-
        if ((res = Base64_SkipNewline(in, &inLen, &j)) != 0) {
            if (res == BUFFER_E) {
                break;
@ -7232,20 +7198,20 @@ int  wolfSSL_EVP_DecodeUpdate(WOLFSSL_EVP_ENCODE_CTX* ctx,
    }
    /* copy left data to ctx */
    if (inLen > 0) {
-        unsigned char el;
+
        XMEMSET(ctx->data, 0, sizeof(ctx->data));

        i = 0;
        while (inLen > 0) {
-            el = in[j++];
-            if (el== '\n' || el == '\r' || el == ' ') {
+            c = in[j++];
+            if (c== '\n' || c == '\r' || c == ' ') {
                inLen--;
                continue;
            }
-            if (el == '=') {
+            if (c == '=') {
                pad = 1;
            }
-            ctx->data[i++] = el;
+            ctx->data[i++] = c;
            ctx->remaining++;
            inLen--;
        }
@ -7257,15 +7223,15 @@ int  wolfSSL_EVP_DecodeUpdate(WOLFSSL_EVP_ENCODE_CTX* ctx,

    }
    /* if the last data is '\n', remove it */
-    es = in[j - 1];
-    if (es == '\n') {
-        es = (in[j - 2]);
-        if (es == '=')
+    c = in[j - 1];
+    if (c == '\n') {
+        c = (in[j - 2]);
+        if (c == '=')
            return 0;
        else
            return 1;
    }
-    if (es == '=')
+    if (c == '=')
        return 0;
    else
        return 1;
@ -7285,13 +7251,20 @@ int  wolfSSL_EVP_DecodeFinal(WOLFSSL_EVP_ENCODE_CTX* ctx,

    WOLFSSL_ENTER("wolfSSL_EVP_DecodeFinal");

-    if (ctx != NULL) {
+    if (outl == NULL)
+        return -1;
+
+    if (ctx == NULL || out == NULL ) {
+        *outl = 0;
+        return -1;
+    }
+
    if (ctx->remaining > 0) {
        inLen = ctx->remaining;
        if ((res = Base64_SkipNewline(ctx->data, &inLen, &j)) != 0) {
            *outl = 0;
-                if (res == BUFFER_E)
-                    return 1;
+            if (res == BUFFER_E) /* means no valid data to decode in buffer */
+                return  1; /* returns as success with no output */
            else
                return -1;
        }
@ -7313,9 +7286,6 @@ int  wolfSSL_EVP_DecodeFinal(WOLFSSL_EVP_ENCODE_CTX* ctx,
        return 1;
    }
 }
-
-    return -1;
-}
 #endif /* WOLFSSL_BASE64_DECODE */

 #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
--- a/wolfssl/openssl/evp.h
+++ b/wolfssl/openssl/evp.h
@ -385,7 +385,7 @@ struct WOLFSSL_EVP_PKEY_CTX {
 struct WOLFSSL_EVP_ENCODE_CTX {
    void* heap;
    int   remaining;     /* num of bytes in data[] */
-    byte  data[128];     /* storage for unprocessed raw data */
+    byte  data[BASE64_ENCODE_BLOCK_SIZE];/* storage for unprocessed raw data */
 };
 typedef struct WOLFSSL_EVP_ENCODE_CTX WOLFSSL_EVP_ENCODE_CTX;

--- a/wolfssl/wolfcrypt/coding.h
+++ b/wolfssl/wolfcrypt/coding.h
@ -79,6 +79,8 @@ WOLFSSL_API int Base64_Decode(const byte* in, word32 inLen, byte* out,
    int Base16_Encode(const byte* in, word32 inLen, byte* out, word32* outLen);
 #endif

+ WOLFSSL_LOCAL int Base64_SkipNewline(const byte* in, word32* inLen,
+            word32* outJ);

 #ifdef __cplusplus
    } /* extern "C" */