mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-07 17:40:51 +02:00
Merge pull request #1662 from SparkiDev/mem_track
Add memory usage tracking and logging
This commit is contained in:
@@ -23,6 +23,7 @@ EXTRA_DIST += \
|
||||
certs/ed25519/root-ed25519-priv.pem \
|
||||
certs/ed25519/server-ed25519.der \
|
||||
certs/ed25519/server-ed25519.pem \
|
||||
certs/ed25519/server-ed25519-cert.pem \
|
||||
certs/ed25519/server-ed25519-key.der \
|
||||
certs/ed25519/server-ed25519-key.pem \
|
||||
certs/ed25519/server-ed25519-priv.der \
|
||||
|
||||
@@ -0,0 +1,15 @@
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIICUjCCAgSgAwIBAgIQAM3yL77cB/q7ZQPi/+pqmTAFBgMrZXAwgZ0xCzAJBgNV
|
||||
BAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMQswCQYD
|
||||
VQQEDAJDQTEQMA4GA1UECgwHd29sZlNTTDEQMA4GA1UECwwHRUQyNTUxOTEYMBYG
|
||||
A1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZz
|
||||
c2wuY29tMCIYDzIwMTgwNDEyMTYyMjE3WhgPMjAyMTAxMDcxNTIyMTdaMIGfMQsw
|
||||
CQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEN
|
||||
MAsGA1UEBAwETGVhZjEQMA4GA1UECgwHd29sZlNTTDEQMA4GA1UECwwHRUQyNTUx
|
||||
OTEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZv
|
||||
QHdvbGZzc2wuY29tMCowBQYDK2VwAyEAYV3st0WTyYR7aCFKTfQEi73NbF09t2Is
|
||||
LSXDIknIhvKjUjBQMB0GA1UdDgQWBBQzyChjjPRX7h6wxxISdoqAMDrLEDAfBgNV
|
||||
HSMEGDAWgBSSP5ZyAvphHCFtiN3r3TybF8SftzAOBgNVHQ8BAf8EBAMCBsAwBQYD
|
||||
K2VwA0EAFYiG/GbR4PbPyQlG0FDiAV33z1e4upCEy/EkS++llX1pkoioiWPMkEDC
|
||||
QTpAdrEtqKiXyXPHgjAkYbCqyqpoAA==
|
||||
-----END CERTIFICATE-----
|
||||
+14
-1
@@ -657,7 +657,7 @@ AC_ARG_ENABLE([lowresource],
|
||||
if test "$ENABLED_LOWRESOURCE" = "yes"
|
||||
then
|
||||
# low memory / flash flags
|
||||
AM_CFLAGS="$AM_CFLAGS -DNO_SESSION_CACHE -DRSA_LOW_MEM -DGCM_SMALL -DCURVE25519_SMALL -DED25519_SMALL"
|
||||
AM_CFLAGS="$AM_CFLAGS -DNO_SESSION_CACHE -DRSA_LOW_MEM -DALT_ECC_SIZE -DGCM_SMALL -DCURVE25519_SMALL -DED25519_SMALL"
|
||||
|
||||
# low flash flags
|
||||
AM_CFLAGS="$AM_CFLAGS -DUSE_SLOW_SHA -DUSE_SLOW_SHA256 -DUSE_SLOW_SHA512"
|
||||
@@ -1620,6 +1620,19 @@ then
|
||||
fi
|
||||
fi
|
||||
|
||||
# MEMORY usage logging
|
||||
AC_ARG_ENABLE([memorylog],
|
||||
[AS_HELP_STRING([--enable-memorylog],[Enable dynamic memory logging (default: disabled)])],
|
||||
[ ENABLED_MEMORYLOG=$enableval ],
|
||||
[ ENABLED_MEMORYLOG=no ]
|
||||
)
|
||||
|
||||
if test "$ENABLED_MEMORYLOG" = "yes"
|
||||
then
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_MEMORY_LOG"
|
||||
fi
|
||||
|
||||
|
||||
|
||||
# RSA
|
||||
AC_ARG_ENABLE([rsa],
|
||||
|
||||
@@ -1972,12 +1972,6 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
|
||||
err_sys("unable to use curve secp256r1");
|
||||
}
|
||||
#endif
|
||||
#if defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)
|
||||
if (wolfSSL_UseKeyShare(ssl, WOLFSSL_ECC_SECP384R1)
|
||||
!= WOLFSSL_SUCCESS) {
|
||||
err_sys("unable to use curve secp384r1");
|
||||
}
|
||||
#endif
|
||||
#endif
|
||||
}
|
||||
if (onlyKeyShare == 0 || onlyKeyShare == 1) {
|
||||
|
||||
+221
-105
@@ -4688,12 +4688,14 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
|
||||
return MEMORY_E;
|
||||
}
|
||||
XMEMSET(ssl->arrays, 0, sizeof(Arrays));
|
||||
#if defined(WOLFSSL_TLS13) || defined(WOLFSSL_SNIFFER)
|
||||
ssl->arrays->preMasterSecret = (byte*)XMALLOC(ENCRYPT_LEN, ssl->heap,
|
||||
DYNAMIC_TYPE_SECRET);
|
||||
if (ssl->arrays->preMasterSecret == NULL) {
|
||||
return MEMORY_E;
|
||||
}
|
||||
XMEMSET(ssl->arrays->preMasterSecret, 0, ENCRYPT_LEN);
|
||||
#endif
|
||||
|
||||
#ifdef SINGLE_THREADED
|
||||
if (ctx->suites == NULL)
|
||||
@@ -5072,6 +5074,13 @@ void SSL_ResourceFree(WOLFSSL* ssl)
|
||||
/* clear keys struct after session */
|
||||
ForceZero(&ssl->keys, sizeof(Keys));
|
||||
|
||||
#ifdef WOLFSSL_TLS13
|
||||
if (ssl->options.tls1_3) {
|
||||
ForceZero(&ssl->clientSecret, sizeof(ssl->clientSecret));
|
||||
ForceZero(&ssl->serverSecret, sizeof(ssl->serverSecret));
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifndef NO_DH
|
||||
if (ssl->buffers.serverDH_Priv.buffer) {
|
||||
ForceZero(ssl->buffers.serverDH_Priv.buffer,
|
||||
@@ -5274,22 +5283,34 @@ void FreeHandshakeResources(WOLFSSL* ssl)
|
||||
if (ssl->buffers.inputBuffer.dynamicFlag)
|
||||
ShrinkInputBuffer(ssl, NO_FORCED_FREE);
|
||||
|
||||
/* suites */
|
||||
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH)
|
||||
if (!ssl->options.tls1_3)
|
||||
#endif
|
||||
{
|
||||
/* suites */
|
||||
#ifdef SINGLE_THREADED
|
||||
if (ssl->suites != ssl->ctx->suites)
|
||||
#endif
|
||||
XFREE(ssl->suites, ssl->heap, DYNAMIC_TYPE_SUITES);
|
||||
ssl->suites = NULL;
|
||||
ssl->suites = NULL;
|
||||
|
||||
/* hsHashes */
|
||||
FreeHandshakeHashes(ssl);
|
||||
/* hsHashes */
|
||||
FreeHandshakeHashes(ssl);
|
||||
}
|
||||
|
||||
/* RNG */
|
||||
if (ssl->options.tls1_1 == 0
|
||||
#ifndef WOLFSSL_AEAD_ONLY
|
||||
|| ssl->specs.cipher_type == stream
|
||||
#endif
|
||||
) {
|
||||
#if defined(WOLFSSL_TLS13)
|
||||
#if !defined(WOLFSSL_POST_HANDSHAKE_AUTH)
|
||||
|| ssl->options.tls1_3
|
||||
#elif !defined(HAVE_SESSION_TICKET)
|
||||
|| (ssl->options.tls1_3 && ssl->options.side == WOLFSSL_SERVER_END)
|
||||
#endif
|
||||
#endif
|
||||
) {
|
||||
if (ssl->options.weOwnRng) {
|
||||
wc_FreeRng(ssl->rng);
|
||||
XFREE(ssl->rng, ssl->heap, DYNAMIC_TYPE_RNG);
|
||||
@@ -5308,21 +5329,36 @@ void FreeHandshakeResources(WOLFSSL* ssl)
|
||||
}
|
||||
#endif
|
||||
|
||||
/* arrays */
|
||||
if (ssl->options.saveArrays == 0)
|
||||
FreeArrays(ssl, 1);
|
||||
|
||||
#ifndef NO_RSA
|
||||
/* peerRsaKey */
|
||||
FreeKey(ssl, DYNAMIC_TYPE_RSA, (void**)&ssl->peerRsaKey);
|
||||
ssl->peerRsaKeyPresent = 0;
|
||||
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH) && \
|
||||
defined(HAVE_SESSION_TICKET)
|
||||
if (!ssl->options.tls1_3)
|
||||
#endif
|
||||
/* arrays */
|
||||
if (ssl->options.saveArrays == 0)
|
||||
FreeArrays(ssl, 1);
|
||||
|
||||
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH)
|
||||
if (!ssl->options.tls1_3 || ssl->options.side == WOLFSSL_CLIENT_END)
|
||||
#endif
|
||||
{
|
||||
#ifndef NO_RSA
|
||||
/* peerRsaKey */
|
||||
FreeKey(ssl, DYNAMIC_TYPE_RSA, (void**)&ssl->peerRsaKey);
|
||||
ssl->peerRsaKeyPresent = 0;
|
||||
#endif
|
||||
#ifdef HAVE_ECC
|
||||
FreeKey(ssl, DYNAMIC_TYPE_ECC, (void**)&ssl->peerEccDsaKey);
|
||||
ssl->peerEccDsaKeyPresent = 0;
|
||||
#endif /* HAVE_ECC */
|
||||
#ifdef HAVE_ED25519
|
||||
FreeKey(ssl, DYNAMIC_TYPE_ED25519, (void**)&ssl->peerEd25519Key);
|
||||
ssl->peerEd25519KeyPresent = 0;
|
||||
#endif /* HAVE_ED25519 */
|
||||
}
|
||||
|
||||
#ifdef HAVE_ECC
|
||||
FreeKey(ssl, DYNAMIC_TYPE_ECC, (void**)&ssl->peerEccKey);
|
||||
ssl->peerEccKeyPresent = 0;
|
||||
FreeKey(ssl, DYNAMIC_TYPE_ECC, (void**)&ssl->peerEccDsaKey);
|
||||
ssl->peerEccDsaKeyPresent = 0;
|
||||
#endif
|
||||
#if defined(HAVE_ECC) || defined(HAVE_CURVE25519)
|
||||
{
|
||||
@@ -5347,6 +5383,7 @@ void FreeHandshakeResources(WOLFSSL* ssl)
|
||||
FreeKey(ssl, DYNAMIC_TYPE_CURVE25519, (void**)&ssl->peerX25519Key);
|
||||
ssl->peerX25519KeyPresent = 0;
|
||||
#endif
|
||||
|
||||
#ifndef NO_DH
|
||||
if (ssl->buffers.serverDH_Priv.buffer) {
|
||||
ForceZero(ssl->buffers.serverDH_Priv.buffer,
|
||||
@@ -5364,10 +5401,15 @@ void FreeHandshakeResources(WOLFSSL* ssl)
|
||||
ssl->buffers.serverDH_P.buffer = NULL;
|
||||
}
|
||||
#endif /* !NO_DH */
|
||||
|
||||
#ifndef NO_CERTS
|
||||
wolfSSL_UnloadCertsKeys(ssl);
|
||||
#endif
|
||||
#ifdef HAVE_PK_CALLBACKS
|
||||
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH)
|
||||
if (!ssl->options.tls1_3 || ssl->options.side == WOLFSSL_CLIENT_END)
|
||||
#endif
|
||||
{
|
||||
#ifdef HAVE_ECC
|
||||
XFREE(ssl->buffers.peerEccDsaKey.buffer, ssl->heap, DYNAMIC_TYPE_ECC);
|
||||
ssl->buffers.peerEccDsaKey.buffer = NULL;
|
||||
@@ -5381,6 +5423,7 @@ void FreeHandshakeResources(WOLFSSL* ssl)
|
||||
DYNAMIC_TYPE_ED25519);
|
||||
ssl->buffers.peerEd25519Key.buffer = NULL;
|
||||
#endif
|
||||
}
|
||||
#endif /* HAVE_PK_CALLBACKS */
|
||||
|
||||
#ifdef HAVE_QSH
|
||||
@@ -5396,6 +5439,13 @@ void FreeHandshakeResources(WOLFSSL* ssl)
|
||||
}
|
||||
#endif
|
||||
|
||||
#if defined(HAVE_TLS_EXTENSIONS) && !defined(HAVE_SNI) && \
|
||||
!defined(HAVE_ALPN) && !defined(WOLFSSL_POST_HANDSHAKE_AUTH)
|
||||
/* Some extensions need to be kept for post-handshake querying. */
|
||||
TLSX_FreeAll(ssl->extensions, ssl->heap);
|
||||
ssl->extensions = NULL;
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_STATIC_MEMORY
|
||||
/* when done with handshake decrement current handshake count */
|
||||
if (ssl->heap != NULL) {
|
||||
@@ -10481,6 +10531,10 @@ static int DoHandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
|
||||
if (ssl->options.resuming || !IsAtLeastTLSv1_2(ssl) ||
|
||||
IsAtLeastTLSv1_3(ssl->version)) {
|
||||
ssl->options.cacheMessages = 0;
|
||||
if (ssl->hsHashes->messages != NULL) {
|
||||
XFREE(ssl->hsHashes->messages, ssl->heap, DYNAMIC_TYPE_HASHES);
|
||||
ssl->hsHashes->messages = NULL;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
break;
|
||||
@@ -10549,6 +10603,10 @@ static int DoHandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
|
||||
if (ssl->options.resuming || !ssl->options.verifyPeer || \
|
||||
!IsAtLeastTLSv1_2(ssl) || IsAtLeastTLSv1_3(ssl->version)) {
|
||||
ssl->options.cacheMessages = 0;
|
||||
if (ssl->hsHashes->messages != NULL) {
|
||||
XFREE(ssl->hsHashes->messages, ssl->heap, DYNAMIC_TYPE_HASHES);
|
||||
ssl->hsHashes->messages = NULL;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
break;
|
||||
@@ -10579,6 +10637,9 @@ static int DoHandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
|
||||
SendAlert(ssl, alert_fatal, decode_error);
|
||||
ret = DECODE_E;
|
||||
}
|
||||
if (ret == 0 && ssl->buffers.inputBuffer.dynamicFlag) {
|
||||
ShrinkInputBuffer(ssl, NO_FORCED_FREE);
|
||||
}
|
||||
|
||||
#if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLFSSL_NONBLOCK_OCSP)
|
||||
/* if async, offset index so this msg will be processed again */
|
||||
@@ -15396,7 +15457,7 @@ const char* wolfSSL_ERR_reason_error_string(unsigned long e)
|
||||
return "Certificate context does not match request or not empty";
|
||||
|
||||
case BAD_KEY_SHARE_DATA:
|
||||
return "The Key Share data contains group that was in Client Hello";
|
||||
return "The Key Share data contains group that wasn't in Client Hello";
|
||||
|
||||
case MISSING_HANDSHAKE_DATA:
|
||||
return "The handshake message is missing required data";
|
||||
@@ -16438,37 +16499,39 @@ int DecodePrivateKey(WOLFSSL *ssl, word16* length)
|
||||
}
|
||||
|
||||
#ifndef NO_RSA
|
||||
ssl->hsType = DYNAMIC_TYPE_RSA;
|
||||
ret = AllocKey(ssl, ssl->hsType, &ssl->hsKey);
|
||||
if (ret != 0) {
|
||||
goto exit_dpk;
|
||||
}
|
||||
|
||||
WOLFSSL_MSG("Trying RSA private key");
|
||||
|
||||
/* Set start of data to beginning of buffer. */
|
||||
idx = 0;
|
||||
/* Decode the key assuming it is an RSA private key. */
|
||||
ret = wc_RsaPrivateKeyDecode(ssl->buffers.key->buffer, &idx,
|
||||
(RsaKey*)ssl->hsKey, ssl->buffers.key->length);
|
||||
if (ret == 0) {
|
||||
WOLFSSL_MSG("Using RSA private key");
|
||||
|
||||
/* It worked so check it meets minimum key size requirements. */
|
||||
keySz = wc_RsaEncryptSize((RsaKey*)ssl->hsKey);
|
||||
if (keySz < 0) { /* check if keySz has error case */
|
||||
ERROR_OUT(keySz, exit_dpk);
|
||||
if (ssl->buffers.keyType == rsa_sa_algo || ssl->buffers.keyType == 0) {
|
||||
ssl->hsType = DYNAMIC_TYPE_RSA;
|
||||
ret = AllocKey(ssl, ssl->hsType, &ssl->hsKey);
|
||||
if (ret != 0) {
|
||||
goto exit_dpk;
|
||||
}
|
||||
|
||||
if (keySz < ssl->options.minRsaKeySz) {
|
||||
WOLFSSL_MSG("RSA key size too small");
|
||||
ERROR_OUT(RSA_KEY_SIZE_E, exit_dpk);
|
||||
WOLFSSL_MSG("Trying RSA private key");
|
||||
|
||||
/* Set start of data to beginning of buffer. */
|
||||
idx = 0;
|
||||
/* Decode the key assuming it is an RSA private key. */
|
||||
ret = wc_RsaPrivateKeyDecode(ssl->buffers.key->buffer, &idx,
|
||||
(RsaKey*)ssl->hsKey, ssl->buffers.key->length);
|
||||
if (ret == 0) {
|
||||
WOLFSSL_MSG("Using RSA private key");
|
||||
|
||||
/* It worked so check it meets minimum key size requirements. */
|
||||
keySz = wc_RsaEncryptSize((RsaKey*)ssl->hsKey);
|
||||
if (keySz < 0) { /* check if keySz has error case */
|
||||
ERROR_OUT(keySz, exit_dpk);
|
||||
}
|
||||
|
||||
if (keySz < ssl->options.minRsaKeySz) {
|
||||
WOLFSSL_MSG("RSA key size too small");
|
||||
ERROR_OUT(RSA_KEY_SIZE_E, exit_dpk);
|
||||
}
|
||||
|
||||
/* Return the maximum signature length. */
|
||||
*length = (word16)keySz;
|
||||
|
||||
goto exit_dpk;
|
||||
}
|
||||
|
||||
/* Return the maximum signature length. */
|
||||
*length = (word16)keySz;
|
||||
|
||||
goto exit_dpk;
|
||||
}
|
||||
#endif /* !NO_RSA */
|
||||
|
||||
@@ -16477,38 +16540,40 @@ int DecodePrivateKey(WOLFSSL *ssl, word16* length)
|
||||
FreeKey(ssl, ssl->hsType, (void**)&ssl->hsKey);
|
||||
#endif /* !NO_RSA */
|
||||
|
||||
ssl->hsType = DYNAMIC_TYPE_ECC;
|
||||
ret = AllocKey(ssl, ssl->hsType, &ssl->hsKey);
|
||||
if (ret != 0) {
|
||||
goto exit_dpk;
|
||||
}
|
||||
|
||||
#ifndef NO_RSA
|
||||
WOLFSSL_MSG("Trying ECC private key, RSA didn't work");
|
||||
#else
|
||||
WOLFSSL_MSG("Trying ECC private key");
|
||||
#endif
|
||||
|
||||
/* Set start of data to beginning of buffer. */
|
||||
idx = 0;
|
||||
/* Decode the key assuming it is an ECC private key. */
|
||||
ret = wc_EccPrivateKeyDecode(ssl->buffers.key->buffer, &idx,
|
||||
(ecc_key*)ssl->hsKey,
|
||||
ssl->buffers.key->length);
|
||||
if (ret == 0) {
|
||||
WOLFSSL_MSG("Using ECC private key");
|
||||
|
||||
/* Check it meets the minimum ECC key size requirements. */
|
||||
keySz = wc_ecc_size((ecc_key*)ssl->hsKey);
|
||||
if (keySz < ssl->options.minEccKeySz) {
|
||||
WOLFSSL_MSG("ECC key size too small");
|
||||
ERROR_OUT(ECC_KEY_SIZE_E, exit_dpk);
|
||||
if (ssl->buffers.keyType == ecc_dsa_sa_algo || ssl->buffers.keyType == 0) {
|
||||
ssl->hsType = DYNAMIC_TYPE_ECC;
|
||||
ret = AllocKey(ssl, ssl->hsType, &ssl->hsKey);
|
||||
if (ret != 0) {
|
||||
goto exit_dpk;
|
||||
}
|
||||
|
||||
/* Return the maximum signature length. */
|
||||
*length = (word16)wc_ecc_sig_size((ecc_key*)ssl->hsKey);
|
||||
#ifndef NO_RSA
|
||||
WOLFSSL_MSG("Trying ECC private key, RSA didn't work");
|
||||
#else
|
||||
WOLFSSL_MSG("Trying ECC private key");
|
||||
#endif
|
||||
|
||||
goto exit_dpk;
|
||||
/* Set start of data to beginning of buffer. */
|
||||
idx = 0;
|
||||
/* Decode the key assuming it is an ECC private key. */
|
||||
ret = wc_EccPrivateKeyDecode(ssl->buffers.key->buffer, &idx,
|
||||
(ecc_key*)ssl->hsKey,
|
||||
ssl->buffers.key->length);
|
||||
if (ret == 0) {
|
||||
WOLFSSL_MSG("Using ECC private key");
|
||||
|
||||
/* Check it meets the minimum ECC key size requirements. */
|
||||
keySz = wc_ecc_size((ecc_key*)ssl->hsKey);
|
||||
if (keySz < ssl->options.minEccKeySz) {
|
||||
WOLFSSL_MSG("ECC key size too small");
|
||||
ERROR_OUT(ECC_KEY_SIZE_E, exit_dpk);
|
||||
}
|
||||
|
||||
/* Return the maximum signature length. */
|
||||
*length = (word16)wc_ecc_sig_size((ecc_key*)ssl->hsKey);
|
||||
|
||||
goto exit_dpk;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
#ifdef HAVE_ED25519
|
||||
@@ -16516,39 +16581,41 @@ int DecodePrivateKey(WOLFSSL *ssl, word16* length)
|
||||
FreeKey(ssl, ssl->hsType, (void**)&ssl->hsKey);
|
||||
#endif
|
||||
|
||||
ssl->hsType = DYNAMIC_TYPE_ED25519;
|
||||
ret = AllocKey(ssl, ssl->hsType, &ssl->hsKey);
|
||||
if (ret != 0) {
|
||||
goto exit_dpk;
|
||||
}
|
||||
|
||||
#ifdef HAVE_ECC
|
||||
WOLFSSL_MSG("Trying ED25519 private key, ECC didn't work");
|
||||
#elif !defined(NO_RSA)
|
||||
WOLFSSL_MSG("Trying ED25519 private key, RSA didn't work");
|
||||
#else
|
||||
WOLFSSL_MSG("Trying ED25519 private key");
|
||||
#endif
|
||||
|
||||
/* Set start of data to beginning of buffer. */
|
||||
idx = 0;
|
||||
/* Decode the key assuming it is an ED25519 private key. */
|
||||
ret = wc_Ed25519PrivateKeyDecode(ssl->buffers.key->buffer, &idx,
|
||||
(ed25519_key*)ssl->hsKey,
|
||||
ssl->buffers.key->length);
|
||||
if (ret == 0) {
|
||||
WOLFSSL_MSG("Using ED25519 private key");
|
||||
|
||||
/* Check it meets the minimum ECC key size requirements. */
|
||||
if (ED25519_KEY_SIZE < ssl->options.minEccKeySz) {
|
||||
WOLFSSL_MSG("ED25519 key size too small");
|
||||
ERROR_OUT(ECC_KEY_SIZE_E, exit_dpk);
|
||||
if (ssl->buffers.keyType == ed25519_sa_algo || ssl->buffers.keyType == 0) {
|
||||
ssl->hsType = DYNAMIC_TYPE_ED25519;
|
||||
ret = AllocKey(ssl, ssl->hsType, &ssl->hsKey);
|
||||
if (ret != 0) {
|
||||
goto exit_dpk;
|
||||
}
|
||||
|
||||
/* Return the maximum signature length. */
|
||||
*length = ED25519_SIG_SIZE;
|
||||
#ifdef HAVE_ECC
|
||||
WOLFSSL_MSG("Trying ED25519 private key, ECC didn't work");
|
||||
#elif !defined(NO_RSA)
|
||||
WOLFSSL_MSG("Trying ED25519 private key, RSA didn't work");
|
||||
#else
|
||||
WOLFSSL_MSG("Trying ED25519 private key");
|
||||
#endif
|
||||
|
||||
goto exit_dpk;
|
||||
/* Set start of data to beginning of buffer. */
|
||||
idx = 0;
|
||||
/* Decode the key assuming it is an ED25519 private key. */
|
||||
ret = wc_Ed25519PrivateKeyDecode(ssl->buffers.key->buffer, &idx,
|
||||
(ed25519_key*)ssl->hsKey,
|
||||
ssl->buffers.key->length);
|
||||
if (ret == 0) {
|
||||
WOLFSSL_MSG("Using ED25519 private key");
|
||||
|
||||
/* Check it meets the minimum ECC key size requirements. */
|
||||
if (ED25519_KEY_SIZE < ssl->options.minEccKeySz) {
|
||||
WOLFSSL_MSG("ED25519 key size too small");
|
||||
ERROR_OUT(ECC_KEY_SIZE_E, exit_dpk);
|
||||
}
|
||||
|
||||
/* Return the maximum signature length. */
|
||||
*length = ED25519_SIG_SIZE;
|
||||
|
||||
goto exit_dpk;
|
||||
}
|
||||
}
|
||||
#endif /* HAVE_ED25519 */
|
||||
|
||||
@@ -18240,6 +18307,11 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
|
||||
args->sigSz = (word16)ret;
|
||||
ret = 0;
|
||||
}
|
||||
|
||||
/* peerRsaKey */
|
||||
FreeKey(ssl, DYNAMIC_TYPE_RSA,
|
||||
(void**)&ssl->peerRsaKey);
|
||||
ssl->peerRsaKeyPresent = 0;
|
||||
break;
|
||||
}
|
||||
#endif /* !NO_RSA */
|
||||
@@ -19149,6 +19221,14 @@ int SendClientKeyExchange(WOLFSSL* ssl)
|
||||
if (args->encSecret == NULL) {
|
||||
ERROR_OUT(MEMORY_E, exit_scke);
|
||||
}
|
||||
if (ssl->arrays->preMasterSecret == NULL) {
|
||||
ssl->arrays->preMasterSecret = (byte*)XMALLOC(ENCRYPT_LEN,
|
||||
ssl->heap, DYNAMIC_TYPE_SECRET);
|
||||
if (ssl->arrays->preMasterSecret == NULL) {
|
||||
ERROR_OUT(MEMORY_E, exit_scke);
|
||||
}
|
||||
XMEMSET(ssl->arrays->preMasterSecret, 0, ENCRYPT_LEN);
|
||||
}
|
||||
|
||||
switch(ssl->specs.kea)
|
||||
{
|
||||
@@ -19539,6 +19619,11 @@ int SendClientKeyExchange(WOLFSSL* ssl)
|
||||
&ssl->arrays->preMasterSz,
|
||||
WOLFSSL_CLIENT_END
|
||||
);
|
||||
if (ret == 0) {
|
||||
FreeKey(ssl, DYNAMIC_TYPE_ECC,
|
||||
(void**)&ssl->peerEccKey);
|
||||
ssl->peerEccKeyPresent = 0;
|
||||
}
|
||||
break;
|
||||
}
|
||||
#endif /* (HAVE_ECC || HAVE_CURVE25519) && !NO_PSK */
|
||||
@@ -19584,7 +19669,7 @@ int SendClientKeyExchange(WOLFSSL* ssl)
|
||||
&ssl->arrays->preMasterSz,
|
||||
WOLFSSL_CLIENT_END
|
||||
);
|
||||
if (ret == 0) {
|
||||
if (ret == 0 && !ssl->specs.static_ecdh) {
|
||||
FreeKey(ssl, DYNAMIC_TYPE_CURVE25519,
|
||||
(void**)&ssl->peerX25519Key);
|
||||
ssl->peerX25519KeyPresent = 0;
|
||||
@@ -19603,6 +19688,11 @@ int SendClientKeyExchange(WOLFSSL* ssl)
|
||||
&ssl->arrays->preMasterSz,
|
||||
WOLFSSL_CLIENT_END
|
||||
);
|
||||
if (ret == 0 && !ssl->specs.static_ecdh) {
|
||||
FreeKey(ssl, DYNAMIC_TYPE_ECC,
|
||||
(void**)&ssl->peerEccKey);
|
||||
ssl->peerEccKeyPresent = 0;
|
||||
}
|
||||
#endif
|
||||
|
||||
break;
|
||||
@@ -20454,7 +20544,14 @@ int SetTicket(WOLFSSL* ssl, const byte* ticket, word32 length)
|
||||
/* Create a fake sessionID based on the ticket, this will
|
||||
* supercede the existing session cache info. */
|
||||
ssl->options.haveSessionId = 1;
|
||||
XMEMCPY(ssl->arrays->sessionID,
|
||||
#ifdef WOLFSSL_TLS13
|
||||
if (ssl->options.tls1_3) {
|
||||
XMEMCPY(ssl->session.sessionID,
|
||||
ssl->session.ticket + length - ID_LEN, ID_LEN);
|
||||
}
|
||||
else
|
||||
#endif
|
||||
XMEMCPY(ssl->arrays->sessionID,
|
||||
ssl->session.ticket + length - ID_LEN, ID_LEN);
|
||||
}
|
||||
|
||||
@@ -24139,6 +24236,15 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
|
||||
}
|
||||
#endif
|
||||
|
||||
if (ssl->arrays->preMasterSecret == NULL) {
|
||||
ssl->arrays->preMasterSecret = (byte*)XMALLOC(ENCRYPT_LEN,
|
||||
ssl->heap, DYNAMIC_TYPE_SECRET);
|
||||
if (ssl->arrays->preMasterSecret == NULL) {
|
||||
ERROR_OUT(MEMORY_E, exit_dcke);
|
||||
}
|
||||
XMEMSET(ssl->arrays->preMasterSecret, 0, ENCRYPT_LEN);
|
||||
}
|
||||
|
||||
switch (ssl->specs.kea) {
|
||||
#ifndef NO_RSA
|
||||
case rsa_kea:
|
||||
@@ -24824,6 +24930,11 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
|
||||
&ssl->arrays->preMasterSz,
|
||||
WOLFSSL_SERVER_END
|
||||
);
|
||||
if (ret == 0) {
|
||||
FreeKey(ssl, DYNAMIC_TYPE_ECC,
|
||||
(void**)&ssl->peerEccKey);
|
||||
ssl->peerEccKeyPresent = 0;
|
||||
}
|
||||
#endif
|
||||
break;
|
||||
}
|
||||
@@ -24884,6 +24995,11 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
|
||||
&args->sigSz,
|
||||
WOLFSSL_SERVER_END
|
||||
);
|
||||
if (ret == 0 && !ssl->specs.static_ecdh) {
|
||||
FreeKey(ssl, DYNAMIC_TYPE_ECC,
|
||||
(void**)&ssl->peerEccKey);
|
||||
ssl->peerEccKeyPresent = 0;
|
||||
}
|
||||
break;
|
||||
}
|
||||
#endif /* (HAVE_ECC || HAVE_CURVE25519) && !NO_PSK */
|
||||
|
||||
@@ -3291,6 +3291,9 @@ static int CleanPreMaster(WOLFSSL* ssl)
|
||||
for (i = 0; i < sz; i++)
|
||||
ssl->arrays->preMasterSecret[i] = 0;
|
||||
|
||||
XFREE(ssl->arrays->preMasterSecret, ssl->heap, DYNAMIC_TYPE_SECRET);
|
||||
ssl->arrays->preMasterSecret = NULL;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
@@ -9655,7 +9655,7 @@ WOLFSSL_SESSION* GetSession(WOLFSSL* ssl, byte* masterSecret,
|
||||
return NULL;
|
||||
#endif
|
||||
|
||||
if (ssl->arrays)
|
||||
if (!ssl->options.tls1_3 && ssl->arrays != NULL)
|
||||
id = ssl->arrays->sessionID;
|
||||
else
|
||||
id = ssl->session.sessionID;
|
||||
@@ -9932,8 +9932,17 @@ int AddSession(WOLFSSL* ssl)
|
||||
{
|
||||
/* Use the session object in the cache for external cache if required.
|
||||
*/
|
||||
row = HashSession(ssl->arrays->sessionID, ID_LEN, &error) %
|
||||
SESSION_ROWS;
|
||||
#if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)
|
||||
if (ssl->options.tls1_3) {
|
||||
row = HashSession(ssl->session.sessionID, ID_LEN, &error) %
|
||||
SESSION_ROWS;
|
||||
}
|
||||
else
|
||||
#endif
|
||||
{
|
||||
row = HashSession(ssl->arrays->sessionID, ID_LEN, &error) %
|
||||
SESSION_ROWS;
|
||||
}
|
||||
if (error != 0) {
|
||||
WOLFSSL_MSG("Hash session failed");
|
||||
#ifdef HAVE_SESSION_TICKET
|
||||
@@ -9961,8 +9970,17 @@ int AddSession(WOLFSSL* ssl)
|
||||
else
|
||||
XMEMCPY(session->masterSecret, ssl->session.masterSecret, SECRET_LEN);
|
||||
session->haveEMS = ssl->options.haveEMS;
|
||||
XMEMCPY(session->sessionID, ssl->arrays->sessionID, ID_LEN);
|
||||
session->sessionIDSz = ssl->arrays->sessionIDSz;
|
||||
#if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)
|
||||
if (ssl->options.tls1_3) {
|
||||
XMEMCPY(session->sessionID, ssl->session.sessionID, ID_LEN);
|
||||
session->sessionIDSz = ID_LEN;
|
||||
}
|
||||
else
|
||||
#endif
|
||||
{
|
||||
XMEMCPY(session->sessionID, ssl->arrays->sessionID, ID_LEN);
|
||||
session->sessionIDSz = ssl->arrays->sessionIDSz;
|
||||
}
|
||||
|
||||
#ifdef OPENSSL_EXTRA
|
||||
/* If using compatibilty layer then check for and copy over session context
|
||||
@@ -26114,6 +26132,30 @@ int wolfSSL_PEM_write_RSAPrivateKey(FILE *fp, WOLFSSL_RSA *rsa,
|
||||
|
||||
#ifdef HAVE_ECC
|
||||
|
||||
#ifdef ALT_ECC_SIZE
|
||||
static int SetIndividualInternalEcc(WOLFSSL_BIGNUM* bn, mp_int* mpi)
|
||||
{
|
||||
WOLFSSL_MSG("Entering SetIndividualInternal");
|
||||
|
||||
if (bn == NULL || bn->internal == NULL) {
|
||||
WOLFSSL_MSG("bn NULL error");
|
||||
return WOLFSSL_FATAL_ERROR;
|
||||
}
|
||||
|
||||
if (mpi == NULL) {
|
||||
WOLFSSL_MSG("mpi NULL error");
|
||||
return WOLFSSL_FATAL_ERROR;
|
||||
}
|
||||
|
||||
if (mp_copy((mp_int*)bn->internal, mpi) != MP_OKAY) {
|
||||
WOLFSSL_MSG("mp_copy error");
|
||||
return WOLFSSL_FATAL_ERROR;
|
||||
}
|
||||
|
||||
return WOLFSSL_SUCCESS;
|
||||
}
|
||||
#endif /* ALT_ECC_SIZE */
|
||||
|
||||
/* EC_POINT Openssl -> WolfSSL */
|
||||
static int SetECPointInternal(WOLFSSL_EC_POINT *p)
|
||||
{
|
||||
@@ -26127,6 +26169,7 @@ static int SetECPointInternal(WOLFSSL_EC_POINT *p)
|
||||
|
||||
point = (ecc_point*)p->internal;
|
||||
|
||||
#ifndef ALT_ECC_SIZE
|
||||
if (p->X != NULL && SetIndividualInternal(p->X, point->x) != WOLFSSL_SUCCESS) {
|
||||
WOLFSSL_MSG("ecc point X error");
|
||||
return WOLFSSL_FATAL_ERROR;
|
||||
@@ -26141,6 +26184,22 @@ static int SetECPointInternal(WOLFSSL_EC_POINT *p)
|
||||
WOLFSSL_MSG("ecc point Z error");
|
||||
return WOLFSSL_FATAL_ERROR;
|
||||
}
|
||||
#else
|
||||
if (p->X != NULL && SetIndividualInternalEcc(p->X, point->x) != WOLFSSL_SUCCESS) {
|
||||
WOLFSSL_MSG("ecc point X error");
|
||||
return WOLFSSL_FATAL_ERROR;
|
||||
}
|
||||
|
||||
if (p->Y != NULL && SetIndividualInternalEcc(p->Y, point->y) != WOLFSSL_SUCCESS) {
|
||||
WOLFSSL_MSG("ecc point Y error");
|
||||
return WOLFSSL_FATAL_ERROR;
|
||||
}
|
||||
|
||||
if (p->Z != NULL && SetIndividualInternalEcc(p->Z, point->z) != WOLFSSL_SUCCESS) {
|
||||
WOLFSSL_MSG("ecc point Z error");
|
||||
return WOLFSSL_FATAL_ERROR;
|
||||
}
|
||||
#endif
|
||||
|
||||
p->inSet = 1;
|
||||
|
||||
|
||||
@@ -6203,7 +6203,8 @@ static void TLSX_KeyShare_FreeAll(KeyShareEntry* list, void* heap)
|
||||
#endif
|
||||
}
|
||||
}
|
||||
XFREE(current->key, heap, DYNAMIC_TYPE_PRIVATE_KEY);
|
||||
if (current->key != NULL)
|
||||
XFREE(current->key, heap, DYNAMIC_TYPE_PRIVATE_KEY);
|
||||
XFREE(current->pubKey, heap, DYNAMIC_TYPE_PUBLIC_KEY);
|
||||
XFREE(current->ke, heap, DYNAMIC_TYPE_PUBLIC_KEY);
|
||||
XFREE(current, heap, DYNAMIC_TYPE_TLSX);
|
||||
@@ -6382,7 +6383,7 @@ static int TLSX_KeyShare_ProcessDh(WOLFSSL* ssl, KeyShareEntry* keyShareEntry)
|
||||
#ifdef WOLFSSL_ASYNC_CRYPT
|
||||
/* TODO: Make this function non-blocking */
|
||||
if (ret == WC_PENDING_E) {
|
||||
ret = wc_AsyncWait(ret, dhKey.asyncDev, WC_ASYNC_FLAG_NONE);
|
||||
ret = wc_AsyncWait(ret, dhKey->asyncDev, WC_ASYNC_FLAG_NONE);
|
||||
}
|
||||
#endif
|
||||
/* RFC 8446 Section 7.4.1:
|
||||
@@ -6400,6 +6401,14 @@ static int TLSX_KeyShare_ProcessDh(WOLFSSL* ssl, KeyShareEntry* keyShareEntry)
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
XFREE(dhKey, ssl->heap, DYNAMIC_TYPE_DH);
|
||||
#endif
|
||||
if (keyShareEntry->key != NULL) {
|
||||
XFREE(keyShareEntry->key, ssl->heap, DYNAMIC_TYPE_PRIVATE_KEY);
|
||||
keyShareEntry->key = NULL;
|
||||
}
|
||||
XFREE(keyShareEntry->pubKey, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY);
|
||||
keyShareEntry->pubKey = NULL;
|
||||
XFREE(keyShareEntry->ke, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY);
|
||||
keyShareEntry->ke = NULL;
|
||||
|
||||
return ret;
|
||||
#else
|
||||
@@ -6463,8 +6472,14 @@ static int TLSX_KeyShare_ProcessX25519(WOLFSSL* ssl,
|
||||
&ssl->arrays->preMasterSz,
|
||||
EC25519_LITTLE_ENDIAN);
|
||||
}
|
||||
|
||||
wc_curve25519_free(peerX25519Key);
|
||||
XFREE(peerX25519Key, ssl->heap, DYNAMIC_TYPE_TLSX);
|
||||
wc_curve25519_free((curve25519_key*)keyShareEntry->key);
|
||||
if (keyShareEntry->key != NULL) {
|
||||
XFREE(keyShareEntry->key, ssl->heap, DYNAMIC_TYPE_PRIVATE_KEY);
|
||||
keyShareEntry->key = NULL;
|
||||
}
|
||||
#else
|
||||
(void)ssl;
|
||||
(void)keyShareEntry;
|
||||
@@ -6566,6 +6581,13 @@ static int TLSX_KeyShare_ProcessEcc(WOLFSSL* ssl, KeyShareEntry* keyShareEntry)
|
||||
);
|
||||
#endif
|
||||
|
||||
XFREE(ssl->peerEccKey, ssl->heap, DYNAMIC_TYPE_ECC);
|
||||
ssl->peerEccKey = NULL;
|
||||
wc_ecc_free((ecc_key*)(keyShareEntry->key));
|
||||
if (keyShareEntry->key != NULL) {
|
||||
XFREE(keyShareEntry->key, ssl->heap, DYNAMIC_TYPE_PRIVATE_KEY);
|
||||
keyShareEntry->key = NULL;
|
||||
}
|
||||
|
||||
#else
|
||||
(void)ssl;
|
||||
|
||||
+72
-43
@@ -1027,7 +1027,7 @@ static int DeriveTls13Keys(WOLFSSL* ssl, int secret, int side, int store)
|
||||
switch (secret) {
|
||||
#ifdef WOLFSSL_EARLY_DATA
|
||||
case early_data_key:
|
||||
ret = DeriveEarlyTrafficSecret(ssl, ssl->arrays->clientSecret);
|
||||
ret = DeriveEarlyTrafficSecret(ssl, ssl->clientSecret);
|
||||
if (ret != 0)
|
||||
goto end;
|
||||
break;
|
||||
@@ -1036,13 +1036,13 @@ static int DeriveTls13Keys(WOLFSSL* ssl, int secret, int side, int store)
|
||||
case handshake_key:
|
||||
if (provision & PROVISION_CLIENT) {
|
||||
ret = DeriveClientHandshakeSecret(ssl,
|
||||
ssl->arrays->clientSecret);
|
||||
ssl->clientSecret);
|
||||
if (ret != 0)
|
||||
goto end;
|
||||
}
|
||||
if (provision & PROVISION_SERVER) {
|
||||
ret = DeriveServerHandshakeSecret(ssl,
|
||||
ssl->arrays->serverSecret);
|
||||
ssl->serverSecret);
|
||||
if (ret != 0)
|
||||
goto end;
|
||||
}
|
||||
@@ -1050,12 +1050,12 @@ static int DeriveTls13Keys(WOLFSSL* ssl, int secret, int side, int store)
|
||||
|
||||
case traffic_key:
|
||||
if (provision & PROVISION_CLIENT) {
|
||||
ret = DeriveClientTrafficSecret(ssl, ssl->arrays->clientSecret);
|
||||
ret = DeriveClientTrafficSecret(ssl, ssl->clientSecret);
|
||||
if (ret != 0)
|
||||
goto end;
|
||||
}
|
||||
if (provision & PROVISION_SERVER) {
|
||||
ret = DeriveServerTrafficSecret(ssl, ssl->arrays->serverSecret);
|
||||
ret = DeriveServerTrafficSecret(ssl, ssl->serverSecret);
|
||||
if (ret != 0)
|
||||
goto end;
|
||||
}
|
||||
@@ -1063,12 +1063,12 @@ static int DeriveTls13Keys(WOLFSSL* ssl, int secret, int side, int store)
|
||||
|
||||
case update_traffic_key:
|
||||
if (provision & PROVISION_CLIENT) {
|
||||
ret = DeriveTrafficSecret(ssl, ssl->arrays->clientSecret);
|
||||
ret = DeriveTrafficSecret(ssl, ssl->clientSecret);
|
||||
if (ret != 0)
|
||||
goto end;
|
||||
}
|
||||
if (provision & PROVISION_SERVER) {
|
||||
ret = DeriveTrafficSecret(ssl, ssl->arrays->serverSecret);
|
||||
ret = DeriveTrafficSecret(ssl, ssl->serverSecret);
|
||||
if (ret != 0)
|
||||
goto end;
|
||||
}
|
||||
@@ -1084,7 +1084,7 @@ static int DeriveTls13Keys(WOLFSSL* ssl, int secret, int side, int store)
|
||||
/* Derive the client key. */
|
||||
WOLFSSL_MSG("Derive Client Key");
|
||||
ret = DeriveKey(ssl, &key_dig[i], ssl->specs.key_size,
|
||||
ssl->arrays->clientSecret, writeKeyLabel,
|
||||
ssl->clientSecret, writeKeyLabel,
|
||||
WRITE_KEY_LABEL_SZ, ssl->specs.mac_algorithm, 0);
|
||||
if (ret != 0)
|
||||
goto end;
|
||||
@@ -1095,7 +1095,7 @@ static int DeriveTls13Keys(WOLFSSL* ssl, int secret, int side, int store)
|
||||
/* Derive the server key. */
|
||||
WOLFSSL_MSG("Derive Server Key");
|
||||
ret = DeriveKey(ssl, &key_dig[i], ssl->specs.key_size,
|
||||
ssl->arrays->serverSecret, writeKeyLabel,
|
||||
ssl->serverSecret, writeKeyLabel,
|
||||
WRITE_KEY_LABEL_SZ, ssl->specs.mac_algorithm, 0);
|
||||
if (ret != 0)
|
||||
goto end;
|
||||
@@ -1106,7 +1106,7 @@ static int DeriveTls13Keys(WOLFSSL* ssl, int secret, int side, int store)
|
||||
/* Derive the client IV. */
|
||||
WOLFSSL_MSG("Derive Client IV");
|
||||
ret = DeriveKey(ssl, &key_dig[i], ssl->specs.iv_size,
|
||||
ssl->arrays->clientSecret, writeIVLabel,
|
||||
ssl->clientSecret, writeIVLabel,
|
||||
WRITE_IV_LABEL_SZ, ssl->specs.mac_algorithm, 0);
|
||||
if (ret != 0)
|
||||
goto end;
|
||||
@@ -1117,7 +1117,7 @@ static int DeriveTls13Keys(WOLFSSL* ssl, int secret, int side, int store)
|
||||
/* Derive the server IV. */
|
||||
WOLFSSL_MSG("Derive Server IV");
|
||||
ret = DeriveKey(ssl, &key_dig[i], ssl->specs.iv_size,
|
||||
ssl->arrays->serverSecret, writeIVLabel,
|
||||
ssl->serverSecret, writeIVLabel,
|
||||
WRITE_IV_LABEL_SZ, ssl->specs.mac_algorithm, 0);
|
||||
if (ret != 0)
|
||||
goto end;
|
||||
@@ -5141,9 +5141,6 @@ static int SendTls13Certificate(WOLFSSL* ssl)
|
||||
|
||||
typedef struct Scv13Args {
|
||||
byte* output; /* not allocated */
|
||||
#ifndef NO_RSA
|
||||
byte* verifySig;
|
||||
#endif
|
||||
byte* verify; /* not allocated */
|
||||
word32 idx;
|
||||
word32 sigLen;
|
||||
@@ -5161,12 +5158,6 @@ static void FreeScv13Args(WOLFSSL* ssl, void* pArgs)
|
||||
|
||||
(void)ssl;
|
||||
|
||||
#ifndef NO_RSA
|
||||
if (args->verifySig) {
|
||||
XFREE(args->verifySig, ssl->heap, DYNAMIC_TYPE_SIGNATURE);
|
||||
args->verifySig = NULL;
|
||||
}
|
||||
#endif
|
||||
if (args->sigData) {
|
||||
XFREE(args->sigData, ssl->heap, DYNAMIC_TYPE_SIGNATURE);
|
||||
args->sigData = NULL;
|
||||
@@ -5279,13 +5270,22 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
|
||||
#endif
|
||||
EncodeSigAlg(ssl->suites->hashAlgo, args->sigAlgo, args->verify);
|
||||
|
||||
/* Create the data to be signed. */
|
||||
args->sigData = (byte*)XMALLOC(MAX_SIG_DATA_SZ, ssl->heap,
|
||||
DYNAMIC_TYPE_SIGNATURE);
|
||||
if (ssl->hsType == DYNAMIC_TYPE_RSA) {
|
||||
int sigLen = MAX_SIG_DATA_SZ;
|
||||
if (args->length > MAX_SIG_DATA_SZ)
|
||||
sigLen = args->length;
|
||||
args->sigData = (byte*)XMALLOC(sigLen, ssl->heap,
|
||||
DYNAMIC_TYPE_SIGNATURE);
|
||||
}
|
||||
else {
|
||||
args->sigData = (byte*)XMALLOC(MAX_SIG_DATA_SZ, ssl->heap,
|
||||
DYNAMIC_TYPE_SIGNATURE);
|
||||
}
|
||||
if (args->sigData == NULL) {
|
||||
ERROR_OUT(MEMORY_E, exit_scv);
|
||||
}
|
||||
|
||||
/* Create the data to be signed. */
|
||||
ret = CreateSigData(ssl, args->sigData, &args->sigDataSz, 0);
|
||||
if (ret != 0)
|
||||
goto exit_scv;
|
||||
@@ -5293,9 +5293,9 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
|
||||
#ifndef NO_RSA
|
||||
if (ssl->hsType == DYNAMIC_TYPE_RSA) {
|
||||
/* build encoded signature buffer */
|
||||
sig->length = MAX_ENCODED_SIG_SZ;
|
||||
sig->length = WC_MAX_DIGEST_SIZE;
|
||||
sig->buffer = (byte*)XMALLOC(sig->length, ssl->heap,
|
||||
DYNAMIC_TYPE_SIGNATURE);
|
||||
DYNAMIC_TYPE_SIGNATURE);
|
||||
if (sig->buffer == NULL) {
|
||||
ERROR_OUT(MEMORY_E, exit_scv);
|
||||
}
|
||||
@@ -5398,19 +5398,12 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
|
||||
{
|
||||
#ifndef NO_RSA
|
||||
if (ssl->hsType == DYNAMIC_TYPE_RSA) {
|
||||
if (args->verifySig == NULL) {
|
||||
args->verifySig = (byte*)XMALLOC(args->sigLen, ssl->heap,
|
||||
DYNAMIC_TYPE_SIGNATURE);
|
||||
if (args->verifySig == NULL) {
|
||||
ERROR_OUT(MEMORY_E, exit_scv);
|
||||
}
|
||||
XMEMCPY(args->verifySig,
|
||||
args->verify + HASH_SIG_SIZE + VERIFY_HEADER,
|
||||
args->sigLen);
|
||||
}
|
||||
XMEMCPY(args->sigData,
|
||||
args->verify + HASH_SIG_SIZE + VERIFY_HEADER,
|
||||
args->sigLen);
|
||||
|
||||
/* check for signature faults */
|
||||
ret = VerifyRsaSign(ssl, args->verifySig, args->sigLen,
|
||||
ret = VerifyRsaSign(ssl, args->sigData, args->sigLen,
|
||||
sig->buffer, sig->length, args->sigAlgo,
|
||||
ssl->suites->hashAlgo, (RsaKey*)ssl->hsKey,
|
||||
ssl->buffers.key
|
||||
@@ -5740,6 +5733,9 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input,
|
||||
if (ret >= 0) {
|
||||
args->sendSz = ret;
|
||||
ret = 0;
|
||||
|
||||
FreeKey(ssl, DYNAMIC_TYPE_RSA, (void**)&ssl->peerRsaKey);
|
||||
ssl->peerRsaKeyPresent = 0;
|
||||
}
|
||||
}
|
||||
#endif /* !NO_RSA */
|
||||
@@ -5756,6 +5752,11 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input,
|
||||
NULL
|
||||
#endif
|
||||
);
|
||||
|
||||
if (ret >= 0) {
|
||||
FreeKey(ssl, DYNAMIC_TYPE_ECC, (void**)&ssl->peerEccDsaKey);
|
||||
ssl->peerEccDsaKeyPresent = 0;
|
||||
}
|
||||
}
|
||||
#endif /* HAVE_ECC */
|
||||
#ifdef HAVE_ED25519
|
||||
@@ -5771,6 +5772,12 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input,
|
||||
NULL
|
||||
#endif
|
||||
);
|
||||
|
||||
if (ret >= 0) {
|
||||
FreeKey(ssl, DYNAMIC_TYPE_ED25519,
|
||||
(void**)&ssl->peerEd25519Key);
|
||||
ssl->peerEd25519KeyPresent = 0;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
@@ -5876,7 +5883,7 @@ static int DoTls13Finished(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
|
||||
return BUFFER_E;
|
||||
|
||||
if (ssl->options.handShakeDone) {
|
||||
ret = DeriveFinishedSecret(ssl, ssl->arrays->clientSecret,
|
||||
ret = DeriveFinishedSecret(ssl, ssl->clientSecret,
|
||||
ssl->keys.client_write_MAC_secret);
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
@@ -5887,12 +5894,12 @@ static int DoTls13Finished(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
|
||||
/* All the handshake messages have been received to calculate
|
||||
* client and server finished keys.
|
||||
*/
|
||||
ret = DeriveFinishedSecret(ssl, ssl->arrays->clientSecret,
|
||||
ret = DeriveFinishedSecret(ssl, ssl->clientSecret,
|
||||
ssl->keys.client_write_MAC_secret);
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
|
||||
ret = DeriveFinishedSecret(ssl, ssl->arrays->serverSecret,
|
||||
ret = DeriveFinishedSecret(ssl, ssl->serverSecret,
|
||||
ssl->keys.server_write_MAC_secret);
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
@@ -5990,7 +5997,7 @@ static int SendTls13Finished(WOLFSSL* ssl)
|
||||
|
||||
/* make finished hashes */
|
||||
if (ssl->options.handShakeDone) {
|
||||
ret = DeriveFinishedSecret(ssl, ssl->arrays->clientSecret,
|
||||
ret = DeriveFinishedSecret(ssl, ssl->clientSecret,
|
||||
ssl->keys.client_write_MAC_secret);
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
@@ -6003,12 +6010,12 @@ static int SendTls13Finished(WOLFSSL* ssl)
|
||||
/* All the handshake messages have been done to calculate client and
|
||||
* server finished keys.
|
||||
*/
|
||||
ret = DeriveFinishedSecret(ssl, ssl->arrays->clientSecret,
|
||||
ret = DeriveFinishedSecret(ssl, ssl->clientSecret,
|
||||
ssl->keys.client_write_MAC_secret);
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
|
||||
ret = DeriveFinishedSecret(ssl, ssl->arrays->serverSecret,
|
||||
ret = DeriveFinishedSecret(ssl, ssl->serverSecret,
|
||||
ssl->keys.server_write_MAC_secret);
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
@@ -6025,7 +6032,7 @@ static int SendTls13Finished(WOLFSSL* ssl)
|
||||
if (sendSz < 0)
|
||||
return BUILD_MSG_ERROR;
|
||||
|
||||
if (!ssl->options.resuming) {
|
||||
if (!ssl->options.resuming && ssl->options.side == WOLFSSL_SERVER_END) {
|
||||
#ifndef NO_SESSION_CACHE
|
||||
AddSession(ssl); /* just try */
|
||||
#endif
|
||||
@@ -7088,6 +7095,17 @@ int DoTls13HandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
|
||||
case server_hello:
|
||||
WOLFSSL_MSG("processing server hello");
|
||||
ret = DoTls13ServerHello(ssl, input, inOutIdx, size, &type);
|
||||
#if !defined(WOLFSSL_NO_CLIENT_AUTH) && defined(HAVE_ED25519) && \
|
||||
!defined(NO_ED25519_CLIENT_AUTH)
|
||||
if (ssl->options.resuming || !IsAtLeastTLSv1_2(ssl) ||
|
||||
IsAtLeastTLSv1_3(ssl->version)) {
|
||||
ssl->options.cacheMessages = 0;
|
||||
if (ssl->hsHashes->messages != NULL) {
|
||||
XFREE(ssl->hsHashes->messages, ssl->heap, DYNAMIC_TYPE_HASHES);
|
||||
ssl->hsHashes->messages = NULL;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
break;
|
||||
|
||||
case encrypted_extensions:
|
||||
@@ -7162,6 +7180,9 @@ int DoTls13HandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
|
||||
type != key_update) {
|
||||
ret = HashInput(ssl, input + inIdx, size);
|
||||
}
|
||||
if (ret == 0 && ssl->buffers.inputBuffer.dynamicFlag) {
|
||||
ShrinkInputBuffer(ssl, NO_FORCED_FREE);
|
||||
}
|
||||
|
||||
if (ret == BUFFER_ERROR || ret == MISSING_HANDSHAKE_DATA)
|
||||
SendAlert(ssl, alert_fatal, decode_error);
|
||||
@@ -7578,6 +7599,10 @@ int wolfSSL_connect_TLSv13(WOLFSSL* ssl)
|
||||
}
|
||||
#endif /* NO_HANDSHAKE_DONE_CB */
|
||||
|
||||
if (!ssl->options.keepResources) {
|
||||
FreeHandshakeResources(ssl);
|
||||
}
|
||||
|
||||
WOLFSSL_LEAVE("wolfSSL_connect_TLSv13()", WOLFSSL_SUCCESS);
|
||||
return WOLFSSL_SUCCESS;
|
||||
|
||||
@@ -8351,6 +8376,10 @@ int wolfSSL_accept_TLSv13(WOLFSSL* ssl)
|
||||
}
|
||||
#endif /* NO_HANDSHAKE_DONE_CB */
|
||||
|
||||
if (!ssl->options.keepResources) {
|
||||
FreeHandshakeResources(ssl);
|
||||
}
|
||||
|
||||
WOLFSSL_LEAVE("SSL_accept()", WOLFSSL_SUCCESS);
|
||||
return WOLFSSL_SUCCESS;
|
||||
|
||||
|
||||
@@ -71,6 +71,10 @@ Possible memory options:
|
||||
}
|
||||
}
|
||||
#endif
|
||||
#if defined(WOLFSSL_MALLOC_CHECK) || defined(WOLFSSL_TRACK_MEMORY_FULL) || \
|
||||
defined(WOLFSSL_MEMORY_LOG)
|
||||
#include <stdio.h>
|
||||
#endif
|
||||
|
||||
|
||||
/* Set these to default values initially. */
|
||||
@@ -992,3 +996,81 @@ void XFREE(void *p, void* heap, int type)
|
||||
|
||||
#endif /* HAVE_IO_POOL */
|
||||
|
||||
#ifdef WOLFSSL_MEMORY_LOG
|
||||
void *xmalloc(size_t n, void* heap, int type, const char* func,
|
||||
const char* file, unsigned int line)
|
||||
{
|
||||
void* p;
|
||||
word32* p32;
|
||||
|
||||
if (malloc_function)
|
||||
p32 = malloc_function(n + sizeof(word32) * 4);
|
||||
else
|
||||
p32 = malloc(n + sizeof(word32) * 4);
|
||||
|
||||
p32[0] = n;
|
||||
p = (void*)(p32 + 4);
|
||||
|
||||
fprintf(stderr, "Alloc: %p -> %u (%d) at %s:%s:%d\n", p, (word32)n, type,
|
||||
func, file, line);
|
||||
|
||||
(void)heap;
|
||||
|
||||
return p;
|
||||
}
|
||||
void *xrealloc(void *p, size_t n, void* heap, int type, const char* func,
|
||||
const char* file, unsigned int line)
|
||||
{
|
||||
void* newp = NULL;
|
||||
word32* p32;
|
||||
word32* oldp32 = NULL;
|
||||
word32 oldLen;
|
||||
|
||||
if (p != NULL) {
|
||||
oldp32 = (word32*)p;
|
||||
oldp32 -= 4;
|
||||
oldLen = oldp32[0];
|
||||
}
|
||||
|
||||
if (realloc_function)
|
||||
p32 = realloc_function(oldp32, n + sizeof(word32) * 4);
|
||||
else
|
||||
p32 = realloc(oldp32, n + sizeof(word32) * 4);
|
||||
|
||||
if (p32 != NULL) {
|
||||
p32[0] = n;
|
||||
newp = (void*)(p32 + 4);
|
||||
|
||||
fprintf(stderr, "Alloc: %p -> %u (%d) at %s:%s:%d\n", newp, (word32)n,
|
||||
type, func, file, line);
|
||||
if (p != NULL) {
|
||||
fprintf(stderr, "Free: %p -> %u (%d) at %s:%s:%d\n", p, oldLen,
|
||||
type, func, file, line);
|
||||
}
|
||||
}
|
||||
|
||||
(void)heap;
|
||||
|
||||
return newp;
|
||||
}
|
||||
void xfree(void *p, void* heap, int type, const char* func, const char* file,
|
||||
unsigned int line)
|
||||
{
|
||||
word32* p32 = (word32*)p;
|
||||
|
||||
if (p != NULL) {
|
||||
p32 -= 4;
|
||||
|
||||
fprintf(stderr, "Free: %p -> %u (%d) at %s:%s:%d\n", p, p32[0], type,
|
||||
func, file, line);
|
||||
|
||||
if (free_function)
|
||||
free_function(p32);
|
||||
else
|
||||
free(p32);
|
||||
}
|
||||
|
||||
(void)heap;
|
||||
}
|
||||
#endif /* WOLFSSL_MEMORY_LOG */
|
||||
|
||||
|
||||
@@ -531,7 +531,7 @@ static int InitSha256(wc_Sha256* sha256)
|
||||
word32* W = sha256->W;
|
||||
if (W == NULL) {
|
||||
W = (word32*)XMALLOC(sizeof(word32) * WC_SHA256_BLOCK_SIZE, NULL,
|
||||
DYNAMIC_TYPE_RNG);
|
||||
DYNAMIC_TYPE_DIGEST);
|
||||
if (W == NULL)
|
||||
return MEMORY_E;
|
||||
sha256->W = W;
|
||||
@@ -2708,7 +2708,7 @@ SHA256_NOINLINE static int Transform_Sha256_AVX2_RORX_Len(wc_Sha256* sha256,
|
||||
|
||||
#ifdef WOLFSSL_SMALL_STACK_CACHE
|
||||
if (sha224->W != NULL) {
|
||||
XFREE(sha224->W, NULL, DYNAMIC_TYPE_RNG);
|
||||
XFREE(sha224->W, NULL, DYNAMIC_TYPE_DIGEST);
|
||||
sha224->W = NULL;
|
||||
}
|
||||
#endif
|
||||
@@ -2736,7 +2736,7 @@ void wc_Sha256Free(wc_Sha256* sha256)
|
||||
|
||||
#ifdef WOLFSSL_SMALL_STACK_CACHE
|
||||
if (sha256->W != NULL) {
|
||||
XFREE(sha256->W, NULL, DYNAMIC_TYPE_RNG);
|
||||
XFREE(sha256->W, NULL, DYNAMIC_TYPE_DIGEST);
|
||||
sha256->W = NULL;
|
||||
}
|
||||
#endif
|
||||
|
||||
@@ -8764,11 +8764,11 @@ static int sp_256_ecc_mulmod_10(sp_point* r, sp_point* g, sp_digit* k,
|
||||
|
||||
if (tmp != NULL) {
|
||||
XMEMSET(tmp, 0, sizeof(sp_digit) * 2 * 10 * 5);
|
||||
XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(tmp, NULL, DYNAMIC_TYPE_ECC);
|
||||
}
|
||||
if (td != NULL) {
|
||||
XMEMSET(td, 0, sizeof(sp_point) * 3);
|
||||
XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(td, NULL, DYNAMIC_TYPE_ECC);
|
||||
}
|
||||
|
||||
return err;
|
||||
|
||||
@@ -7986,11 +7986,11 @@ static int sp_256_ecc_mulmod_5(sp_point* r, sp_point* g, sp_digit* k,
|
||||
|
||||
if (tmp != NULL) {
|
||||
XMEMSET(tmp, 0, sizeof(sp_digit) * 2 * 5 * 5);
|
||||
XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(tmp, NULL, DYNAMIC_TYPE_ECC);
|
||||
}
|
||||
if (td != NULL) {
|
||||
XMEMSET(td, 0, sizeof(sp_point) * 3);
|
||||
XFREE(td, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(td, NULL, DYNAMIC_TYPE_ECC);
|
||||
}
|
||||
|
||||
return err;
|
||||
|
||||
+4
-2
@@ -3283,8 +3283,6 @@ typedef struct Arrays {
|
||||
byte sessionID[ID_LEN];
|
||||
byte sessionIDSz;
|
||||
#ifdef WOLFSSL_TLS13
|
||||
byte clientSecret[SECRET_LEN];
|
||||
byte serverSecret[SECRET_LEN];
|
||||
byte secret[SECRET_LEN];
|
||||
#endif
|
||||
byte masterSecret[SECRET_LEN];
|
||||
@@ -3577,6 +3575,10 @@ struct WOLFSSL {
|
||||
WOLFSSL_CTX* ctx;
|
||||
Suites* suites; /* only need during handshake */
|
||||
Arrays* arrays;
|
||||
#ifdef WOLFSSL_TLS13
|
||||
byte clientSecret[SECRET_LEN];
|
||||
byte serverSecret[SECRET_LEN];
|
||||
#endif
|
||||
HS_Hashes* hsHashes;
|
||||
void* IOCB_ReadCtx;
|
||||
void* IOCB_WriteCtx;
|
||||
|
||||
+1
-1
@@ -272,7 +272,7 @@
|
||||
#define cliEccCertFile "certs/client-ecc-cert.pem"
|
||||
#define caEccCertFile "certs/ca-ecc-cert/pem"
|
||||
#define crlPemDir "certs/crl"
|
||||
#define edCertFile "certs/ed25519/server-ed25519.pem"
|
||||
#define edCertFile "certs/ed25519/server-ed25519-cert.pem"
|
||||
#define edKeyFile "certs/ed25519/server-ed25519-priv.pem"
|
||||
#define cliEdCertFile "certs/ed25519/client-ed25519.pem"
|
||||
#define cliEdKeyFile "certs/ed25519/client-ed25519-priv.pem"
|
||||
|
||||
@@ -167,7 +167,13 @@ enum Misc_ASN {
|
||||
MIN_DATE_SIZE = 13,
|
||||
MAX_DATE_SIZE = 32,
|
||||
ASN_GEN_TIME_SZ = 15, /* 7 numbers * 2 + Zulu tag */
|
||||
#ifndef NO_RSA
|
||||
MAX_ENCODED_SIG_SZ = 512,
|
||||
#elif defined(HAVE_ECC)
|
||||
MAX_ENCODED_SIG_SZ = 140,
|
||||
#else
|
||||
MAX_ENCODED_SIG_SZ = 64,
|
||||
#endif
|
||||
MAX_SIG_SZ = 256,
|
||||
MAX_ALGO_SZ = 20,
|
||||
MAX_SHORT_SZ = 6, /* asn int + byte len + 4 byte length */
|
||||
|
||||
+227
-213
@@ -26,92 +26,92 @@
|
||||
#ifndef WOLF_CRYPT_TYPES_H
|
||||
#define WOLF_CRYPT_TYPES_H
|
||||
|
||||
#include <wolfssl/wolfcrypt/settings.h>
|
||||
#include <wolfssl/wolfcrypt/wc_port.h>
|
||||
#include <wolfssl/wolfcrypt/settings.h>
|
||||
#include <wolfssl/wolfcrypt/wc_port.h>
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
|
||||
#if defined(WORDS_BIGENDIAN)
|
||||
#define BIG_ENDIAN_ORDER
|
||||
#endif
|
||||
#if defined(WORDS_BIGENDIAN)
|
||||
#define BIG_ENDIAN_ORDER
|
||||
#endif
|
||||
|
||||
#ifndef BIG_ENDIAN_ORDER
|
||||
#define LITTLE_ENDIAN_ORDER
|
||||
#endif
|
||||
#ifndef BIG_ENDIAN_ORDER
|
||||
#define LITTLE_ENDIAN_ORDER
|
||||
#endif
|
||||
|
||||
#ifndef WOLFSSL_TYPES
|
||||
#ifndef byte
|
||||
typedef unsigned char byte;
|
||||
#endif
|
||||
typedef unsigned short word16;
|
||||
typedef unsigned int word32;
|
||||
typedef byte word24[3];
|
||||
#endif
|
||||
#ifndef WOLFSSL_TYPES
|
||||
#ifndef byte
|
||||
typedef unsigned char byte;
|
||||
#endif
|
||||
typedef unsigned short word16;
|
||||
typedef unsigned int word32;
|
||||
typedef byte word24[3];
|
||||
#endif
|
||||
|
||||
|
||||
/* try to set SIZEOF_LONG or LONG_LONG if user didn't */
|
||||
#if !defined(_MSC_VER) && !defined(__BCPLUSPLUS__) && !defined(__EMSCRIPTEN__)
|
||||
#if !defined(SIZEOF_LONG_LONG) && !defined(SIZEOF_LONG)
|
||||
#if (defined(__alpha__) || defined(__ia64__) || \
|
||||
defined(_ARCH_PPC64) || defined(__mips64) || \
|
||||
defined(__x86_64__) || \
|
||||
((defined(sun) || defined(__sun)) && \
|
||||
(defined(LP64) || defined(_LP64))))
|
||||
/* long should be 64bit */
|
||||
#define SIZEOF_LONG 8
|
||||
#elif defined(__i386__) || defined(__CORTEX_M3__)
|
||||
/* long long should be 64bit */
|
||||
#define SIZEOF_LONG_LONG 8
|
||||
#endif
|
||||
#endif
|
||||
#endif
|
||||
/* try to set SIZEOF_LONG or LONG_LONG if user didn't */
|
||||
#if !defined(_MSC_VER) && !defined(__BCPLUSPLUS__) && !defined(__EMSCRIPTEN__)
|
||||
#if !defined(SIZEOF_LONG_LONG) && !defined(SIZEOF_LONG)
|
||||
#if (defined(__alpha__) || defined(__ia64__) || \
|
||||
defined(_ARCH_PPC64) || defined(__mips64) || \
|
||||
defined(__x86_64__) || \
|
||||
((defined(sun) || defined(__sun)) && \
|
||||
(defined(LP64) || defined(_LP64))))
|
||||
/* long should be 64bit */
|
||||
#define SIZEOF_LONG 8
|
||||
#elif defined(__i386__) || defined(__CORTEX_M3__)
|
||||
/* long long should be 64bit */
|
||||
#define SIZEOF_LONG_LONG 8
|
||||
#endif
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#if defined(_MSC_VER) || defined(__BCPLUSPLUS__)
|
||||
#define WORD64_AVAILABLE
|
||||
#define W64LIT(x) x##ui64
|
||||
typedef unsigned __int64 word64;
|
||||
#elif defined(__EMSCRIPTEN__)
|
||||
#define WORD64_AVAILABLE
|
||||
#define W64LIT(x) x##ull
|
||||
typedef unsigned long long word64;
|
||||
#elif defined(SIZEOF_LONG) && SIZEOF_LONG == 8
|
||||
#define WORD64_AVAILABLE
|
||||
#define W64LIT(x) x##LL
|
||||
typedef unsigned long word64;
|
||||
#elif defined(SIZEOF_LONG_LONG) && SIZEOF_LONG_LONG == 8
|
||||
#define WORD64_AVAILABLE
|
||||
#define W64LIT(x) x##LL
|
||||
typedef unsigned long long word64;
|
||||
#elif defined(__SIZEOF_LONG_LONG__) && __SIZEOF_LONG_LONG__ == 8
|
||||
#define WORD64_AVAILABLE
|
||||
#define W64LIT(x) x##LL
|
||||
typedef unsigned long long word64;
|
||||
#endif
|
||||
#if defined(_MSC_VER) || defined(__BCPLUSPLUS__)
|
||||
#define WORD64_AVAILABLE
|
||||
#define W64LIT(x) x##ui64
|
||||
typedef unsigned __int64 word64;
|
||||
#elif defined(__EMSCRIPTEN__)
|
||||
#define WORD64_AVAILABLE
|
||||
#define W64LIT(x) x##ull
|
||||
typedef unsigned long long word64;
|
||||
#elif defined(SIZEOF_LONG) && SIZEOF_LONG == 8
|
||||
#define WORD64_AVAILABLE
|
||||
#define W64LIT(x) x##LL
|
||||
typedef unsigned long word64;
|
||||
#elif defined(SIZEOF_LONG_LONG) && SIZEOF_LONG_LONG == 8
|
||||
#define WORD64_AVAILABLE
|
||||
#define W64LIT(x) x##LL
|
||||
typedef unsigned long long word64;
|
||||
#elif defined(__SIZEOF_LONG_LONG__) && __SIZEOF_LONG_LONG__ == 8
|
||||
#define WORD64_AVAILABLE
|
||||
#define W64LIT(x) x##LL
|
||||
typedef unsigned long long word64;
|
||||
#endif
|
||||
|
||||
#if !defined(NO_64BIT) && defined(WORD64_AVAILABLE)
|
||||
/* These platforms have 64-bit CPU registers. */
|
||||
#if (defined(__alpha__) || defined(__ia64__) || defined(_ARCH_PPC64) || \
|
||||
defined(__mips64) || defined(__x86_64__) || defined(_M_X64)) || \
|
||||
/* These platforms have 64-bit CPU registers. */
|
||||
#if (defined(__alpha__) || defined(__ia64__) || defined(_ARCH_PPC64) || \
|
||||
defined(__mips64) || defined(__x86_64__) || defined(_M_X64)) || \
|
||||
defined(__aarch64__) || defined(__sparc64__)
|
||||
typedef word64 wolfssl_word;
|
||||
typedef word64 wolfssl_word;
|
||||
#define WC_64BIT_CPU
|
||||
#elif (defined(sun) || defined(__sun)) && \
|
||||
#elif (defined(sun) || defined(__sun)) && \
|
||||
(defined(LP64) || defined(_LP64))
|
||||
/* LP64 with GNU GCC compiler is reserved for when long int is 64 bits
|
||||
* and int uses 32 bits. When using Solaris Studio sparc and __sparc are
|
||||
* available for 32 bit detection but __sparc64__ could be missed. This
|
||||
* uses LP64 for checking 64 bit CPU arch. */
|
||||
typedef word64 wolfssl_word;
|
||||
typedef word64 wolfssl_word;
|
||||
#define WC_64BIT_CPU
|
||||
#else
|
||||
typedef word32 wolfssl_word;
|
||||
#ifdef WORD64_AVAILABLE
|
||||
#define WOLFCRYPT_SLOW_WORD64
|
||||
#endif
|
||||
#endif
|
||||
typedef word32 wolfssl_word;
|
||||
#ifdef WORD64_AVAILABLE
|
||||
#define WOLFCRYPT_SLOW_WORD64
|
||||
#endif
|
||||
#endif
|
||||
#else
|
||||
#undef WORD64_AVAILABLE
|
||||
typedef word32 wolfssl_word;
|
||||
@@ -119,36 +119,36 @@
|
||||
mp_digit, no 64 bit type so make mp_digit 16 bit */
|
||||
#endif
|
||||
|
||||
enum {
|
||||
WOLFSSL_WORD_SIZE = sizeof(wolfssl_word),
|
||||
WOLFSSL_BIT_SIZE = 8,
|
||||
WOLFSSL_WORD_BITS = WOLFSSL_WORD_SIZE * WOLFSSL_BIT_SIZE
|
||||
};
|
||||
enum {
|
||||
WOLFSSL_WORD_SIZE = sizeof(wolfssl_word),
|
||||
WOLFSSL_BIT_SIZE = 8,
|
||||
WOLFSSL_WORD_BITS = WOLFSSL_WORD_SIZE * WOLFSSL_BIT_SIZE
|
||||
};
|
||||
|
||||
#define WOLFSSL_MAX_16BIT 0xffffU
|
||||
#define WOLFSSL_MAX_16BIT 0xffffU
|
||||
|
||||
/* use inlining if compiler allows */
|
||||
#ifndef WC_INLINE
|
||||
#ifndef NO_INLINE
|
||||
#ifdef _MSC_VER
|
||||
#define WC_INLINE __inline
|
||||
#elif defined(__GNUC__)
|
||||
/* use inlining if compiler allows */
|
||||
#ifndef WC_INLINE
|
||||
#ifndef NO_INLINE
|
||||
#ifdef _MSC_VER
|
||||
#define WC_INLINE __inline
|
||||
#elif defined(__GNUC__)
|
||||
#ifdef WOLFSSL_VXWORKS
|
||||
#define WC_INLINE __inline__
|
||||
#else
|
||||
#define WC_INLINE inline
|
||||
#endif
|
||||
#elif defined(__IAR_SYSTEMS_ICC__)
|
||||
#define WC_INLINE inline
|
||||
#elif defined(THREADX)
|
||||
#define WC_INLINE _Inline
|
||||
#else
|
||||
#define WC_INLINE
|
||||
#endif
|
||||
#else
|
||||
#define WC_INLINE
|
||||
#endif
|
||||
#endif
|
||||
#elif defined(__IAR_SYSTEMS_ICC__)
|
||||
#define WC_INLINE inline
|
||||
#elif defined(THREADX)
|
||||
#define WC_INLINE _Inline
|
||||
#else
|
||||
#define WC_INLINE
|
||||
#endif
|
||||
#else
|
||||
#define WC_INLINE
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#if defined(HAVE_FIPS) || defined(HAVE_SELFTEST)
|
||||
#define INLINE WC_INLINE
|
||||
@@ -170,19 +170,19 @@
|
||||
#endif
|
||||
|
||||
|
||||
/* set up thread local storage if available */
|
||||
#ifdef HAVE_THREAD_LS
|
||||
#if defined(_MSC_VER)
|
||||
#define THREAD_LS_T __declspec(thread)
|
||||
/* Thread local storage only in FreeRTOS v8.2.1 and higher */
|
||||
#elif defined(FREERTOS) || defined(FREERTOS_TCP)
|
||||
#define THREAD_LS_T
|
||||
#else
|
||||
#define THREAD_LS_T __thread
|
||||
#endif
|
||||
#else
|
||||
#define THREAD_LS_T
|
||||
#endif
|
||||
/* set up thread local storage if available */
|
||||
#ifdef HAVE_THREAD_LS
|
||||
#if defined(_MSC_VER)
|
||||
#define THREAD_LS_T __declspec(thread)
|
||||
/* Thread local storage only in FreeRTOS v8.2.1 and higher */
|
||||
#elif defined(FREERTOS) || defined(FREERTOS_TCP)
|
||||
#define THREAD_LS_T
|
||||
#else
|
||||
#define THREAD_LS_T __thread
|
||||
#endif
|
||||
#else
|
||||
#define THREAD_LS_T
|
||||
#endif
|
||||
|
||||
/* GCC 7 has new switch() fall-through detection */
|
||||
#if defined(__GNUC__)
|
||||
@@ -194,23 +194,23 @@
|
||||
#define FALL_THROUGH
|
||||
#endif
|
||||
|
||||
/* Micrium will use Visual Studio for compilation but not the Win32 API */
|
||||
#if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) && \
|
||||
!defined(FREERTOS_TCP) && !defined(EBSNET) && \
|
||||
/* Micrium will use Visual Studio for compilation but not the Win32 API */
|
||||
#if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) && \
|
||||
!defined(FREERTOS_TCP) && !defined(EBSNET) && \
|
||||
!defined(WOLFSSL_UTASKER) && !defined(INTIME_RTOS)
|
||||
#define USE_WINDOWS_API
|
||||
#endif
|
||||
#define USE_WINDOWS_API
|
||||
#endif
|
||||
|
||||
|
||||
/* idea to add global alloc override by Moises Guimaraes */
|
||||
/* default to libc stuff */
|
||||
/* XREALLOC is used once in normal math lib, not in fast math lib */
|
||||
/* XFREE on some embedded systems doesn't like free(0) so test */
|
||||
#if defined(HAVE_IO_POOL)
|
||||
WOLFSSL_API void* XMALLOC(size_t n, void* heap, int type);
|
||||
WOLFSSL_API void* XREALLOC(void *p, size_t n, void* heap, int type);
|
||||
WOLFSSL_API void XFREE(void *p, void* heap, int type);
|
||||
#elif defined(WOLFSSL_ASYNC_CRYPT) && defined(HAVE_INTEL_QA)
|
||||
/* idea to add global alloc override by Moises Guimaraes */
|
||||
/* default to libc stuff */
|
||||
/* XREALLOC is used once in normal math lib, not in fast math lib */
|
||||
/* XFREE on some embedded systems doesn't like free(0) so test */
|
||||
#if defined(HAVE_IO_POOL)
|
||||
WOLFSSL_API void* XMALLOC(size_t n, void* heap, int type);
|
||||
WOLFSSL_API void* XREALLOC(void *p, size_t n, void* heap, int type);
|
||||
WOLFSSL_API void XFREE(void *p, void* heap, int type);
|
||||
#elif defined(WOLFSSL_ASYNC_CRYPT) && defined(HAVE_INTEL_QA)
|
||||
#include <wolfssl/wolfcrypt/port/intel/quickassist_mem.h>
|
||||
#undef USE_WOLFSSL_MEMORY
|
||||
#ifdef WOLFSSL_DEBUG_MEMORY
|
||||
@@ -223,47 +223,61 @@
|
||||
#define XREALLOC(p, n, h, t) IntelQaRealloc((p), (n), (h), (t))
|
||||
#endif /* WOLFSSL_DEBUG_MEMORY */
|
||||
#elif defined(XMALLOC_USER)
|
||||
/* prototypes for user heap override functions */
|
||||
#include <stddef.h> /* for size_t */
|
||||
extern void *XMALLOC(size_t n, void* heap, int type);
|
||||
extern void *XREALLOC(void *p, size_t n, void* heap, int type);
|
||||
extern void XFREE(void *p, void* heap, int type);
|
||||
/* prototypes for user heap override functions */
|
||||
#include <stddef.h> /* for size_t */
|
||||
extern void *XMALLOC(size_t n, void* heap, int type);
|
||||
extern void *XREALLOC(void *p, size_t n, void* heap, int type);
|
||||
extern void XFREE(void *p, void* heap, int type);
|
||||
#elif defined(WOLFSSL_MEMORY_LOG)
|
||||
#define XMALLOC(n, h, t) xmalloc(n, h, t, __func__, __FILE__, __LINE__)
|
||||
#define XREALLOC(p, n, h, t) xrealloc(p, n, h, t, __func__, __FILE__, __LINE__)
|
||||
#define XFREE(p, h, t) xfree(p, h, t, __func__, __FILE__, __LINE__)
|
||||
|
||||
/* prototypes for user heap override functions */
|
||||
#include <stddef.h> /* for size_t */
|
||||
#include <stdlib.h>
|
||||
extern void *xmalloc(size_t n, void* heap, int type, const char* func,
|
||||
const char* file, unsigned int line);
|
||||
extern void *xrealloc(void *p, size_t n, void* heap, int type,
|
||||
const char* func, const char* file, unsigned int line);
|
||||
extern void xfree(void *p, void* heap, int type, const char* func,
|
||||
const char* file, unsigned int line);
|
||||
#elif defined(XMALLOC_OVERRIDE)
|
||||
/* override the XMALLOC, XFREE and XREALLOC macros */
|
||||
#elif defined(NO_WOLFSSL_MEMORY)
|
||||
/* just use plain C stdlib stuff if desired */
|
||||
#include <stdlib.h>
|
||||
#define XMALLOC(s, h, t) ((void)h, (void)t, malloc((s)))
|
||||
#define XFREE(p, h, t) {void* xp = (p); if((xp)) free((xp));}
|
||||
#define XREALLOC(p, n, h, t) realloc((p), (n))
|
||||
#elif !defined(MICRIUM_MALLOC) && !defined(EBSNET) \
|
||||
&& !defined(WOLFSSL_SAFERTOS) && !defined(FREESCALE_MQX) \
|
||||
&& !defined(FREESCALE_KSDK_MQX) && !defined(FREESCALE_FREE_RTOS) \
|
||||
#elif defined(NO_WOLFSSL_MEMORY)
|
||||
/* just use plain C stdlib stuff if desired */
|
||||
#include <stdlib.h>
|
||||
#define XMALLOC(s, h, t) ((void)h, (void)t, malloc((s)))
|
||||
#define XFREE(p, h, t) {void* xp = (p); if((xp)) free((xp));}
|
||||
#define XREALLOC(p, n, h, t) realloc((p), (n))
|
||||
#elif !defined(MICRIUM_MALLOC) && !defined(EBSNET) \
|
||||
&& !defined(WOLFSSL_SAFERTOS) && !defined(FREESCALE_MQX) \
|
||||
&& !defined(FREESCALE_KSDK_MQX) && !defined(FREESCALE_FREE_RTOS) \
|
||||
&& !defined(WOLFSSL_LEANPSK) && !defined(WOLFSSL_uITRON4)
|
||||
/* default C runtime, can install different routines at runtime via cbs */
|
||||
#include <wolfssl/wolfcrypt/memory.h>
|
||||
/* default C runtime, can install different routines at runtime via cbs */
|
||||
#include <wolfssl/wolfcrypt/memory.h>
|
||||
#ifdef WOLFSSL_STATIC_MEMORY
|
||||
#ifdef WOLFSSL_DEBUG_MEMORY
|
||||
#define XMALLOC(s, h, t) wolfSSL_Malloc((s), (h), (t), __func__, __LINE__)
|
||||
#define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp), (h), (t), __func__, __LINE__);}
|
||||
#define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n), (h), (t), __func__, __LINE__)
|
||||
#define XMALLOC(s, h, t) wolfSSL_Malloc((s), (h), (t), __func__, __LINE__)
|
||||
#define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp), (h), (t), __func__, __LINE__);}
|
||||
#define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n), (h), (t), __func__, __LINE__)
|
||||
#else
|
||||
#define XMALLOC(s, h, t) wolfSSL_Malloc((s), (h), (t))
|
||||
#define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp), (h), (t));}
|
||||
#define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n), (h), (t))
|
||||
#define XMALLOC(s, h, t) wolfSSL_Malloc((s), (h), (t))
|
||||
#define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp), (h), (t));}
|
||||
#define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n), (h), (t))
|
||||
#endif /* WOLFSSL_DEBUG_MEMORY */
|
||||
#elif !defined(FREERTOS) && !defined(FREERTOS_TCP)
|
||||
#ifdef WOLFSSL_DEBUG_MEMORY
|
||||
#define XMALLOC(s, h, t) ((void)h, (void)t, wolfSSL_Malloc((s), __func__, __LINE__))
|
||||
#define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp), __func__, __LINE__);}
|
||||
#define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n), __func__, __LINE__)
|
||||
#define XMALLOC(s, h, t) ((void)h, (void)t, wolfSSL_Malloc((s), __func__, __LINE__))
|
||||
#define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp), __func__, __LINE__);}
|
||||
#define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n), __func__, __LINE__)
|
||||
#else
|
||||
#define XMALLOC(s, h, t) ((void)h, (void)t, wolfSSL_Malloc((s)))
|
||||
#define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp));}
|
||||
#define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n))
|
||||
#define XMALLOC(s, h, t) ((void)h, (void)t, wolfSSL_Malloc((s)))
|
||||
#define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp));}
|
||||
#define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n))
|
||||
#endif /* WOLFSSL_DEBUG_MEMORY */
|
||||
#endif /* WOLFSSL_STATIC_MEMORY */
|
||||
#endif
|
||||
#endif
|
||||
|
||||
/* declare/free variable handling for async */
|
||||
#ifdef WOLFSSL_ASYNC_CRYPT
|
||||
@@ -308,21 +322,21 @@
|
||||
#define USE_WOLF_STRSEP
|
||||
#endif
|
||||
|
||||
#ifndef STRING_USER
|
||||
#include <string.h>
|
||||
#define XMEMCPY(d,s,l) memcpy((d),(s),(l))
|
||||
#define XMEMSET(b,c,l) memset((b),(c),(l))
|
||||
#define XMEMCMP(s1,s2,n) memcmp((s1),(s2),(n))
|
||||
#define XMEMMOVE(d,s,l) memmove((d),(s),(l))
|
||||
#ifndef STRING_USER
|
||||
#include <string.h>
|
||||
#define XMEMCPY(d,s,l) memcpy((d),(s),(l))
|
||||
#define XMEMSET(b,c,l) memset((b),(c),(l))
|
||||
#define XMEMCMP(s1,s2,n) memcmp((s1),(s2),(n))
|
||||
#define XMEMMOVE(d,s,l) memmove((d),(s),(l))
|
||||
|
||||
#define XSTRLEN(s1) strlen((s1))
|
||||
#define XSTRNCPY(s1,s2,n) strncpy((s1),(s2),(n))
|
||||
/* strstr, strncmp, and strncat only used by wolfSSL proper,
|
||||
#define XSTRLEN(s1) strlen((s1))
|
||||
#define XSTRNCPY(s1,s2,n) strncpy((s1),(s2),(n))
|
||||
/* strstr, strncmp, and strncat only used by wolfSSL proper,
|
||||
* not required for wolfCrypt only */
|
||||
#define XSTRSTR(s1,s2) strstr((s1),(s2))
|
||||
#define XSTRNSTR(s1,s2,n) mystrnstr((s1),(s2),(n))
|
||||
#define XSTRNCMP(s1,s2,n) strncmp((s1),(s2),(n))
|
||||
#define XSTRNCAT(s1,s2,n) strncat((s1),(s2),(n))
|
||||
#define XSTRSTR(s1,s2) strstr((s1),(s2))
|
||||
#define XSTRNSTR(s1,s2,n) mystrnstr((s1),(s2),(n))
|
||||
#define XSTRNCMP(s1,s2,n) strncmp((s1),(s2),(n))
|
||||
#define XSTRNCAT(s1,s2,n) strncat((s1),(s2),(n))
|
||||
|
||||
#ifdef USE_WOLF_STRSEP
|
||||
#define XSTRSEP(s1,d) wc_strsep((s1),(d))
|
||||
@@ -334,14 +348,14 @@
|
||||
/* XC32 does not support strncasecmp, so use case sensitive one */
|
||||
#define XSTRNCASECMP(s1,s2,n) strncmp((s1),(s2),(n))
|
||||
#elif defined(USE_WINDOWS_API) || defined(FREERTOS_TCP_WINSIM)
|
||||
#define XSTRNCASECMP(s1,s2,n) _strnicmp((s1),(s2),(n))
|
||||
#define XSTRNCASECMP(s1,s2,n) _strnicmp((s1),(s2),(n))
|
||||
#else
|
||||
#if defined(HAVE_STRINGS_H) && defined(WOLF_C99) && \
|
||||
!defined(WOLFSSL_SGX)
|
||||
#include <strings.h>
|
||||
#endif
|
||||
#define XSTRNCASECMP(s1,s2,n) strncasecmp((s1),(s2),(n))
|
||||
#endif
|
||||
#define XSTRNCASECMP(s1,s2,n) strncasecmp((s1),(s2),(n))
|
||||
#endif
|
||||
|
||||
/* snprintf is used in asn.c for GetTimeString, PKCS7 test, and when
|
||||
debugging is turned on */
|
||||
@@ -367,7 +381,7 @@
|
||||
#define XSTRTOK(s1,d,ptr) strtok_r((s1),(d),(ptr))
|
||||
#endif
|
||||
#endif
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#ifdef USE_WOLF_STRTOK
|
||||
WOLFSSL_API char* wc_strtok(char *str, const char *delim, char **nextp);
|
||||
@@ -384,20 +398,20 @@
|
||||
#endif
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
|
||||
#ifndef CTYPE_USER
|
||||
#include <ctype.h>
|
||||
#if defined(HAVE_ECC) || defined(HAVE_OCSP) || \
|
||||
#ifndef CTYPE_USER
|
||||
#include <ctype.h>
|
||||
#if defined(HAVE_ECC) || defined(HAVE_OCSP) || \
|
||||
defined(WOLFSSL_KEY_GEN) || !defined(NO_DSA)
|
||||
#define XTOUPPER(c) toupper((c))
|
||||
#define XISALPHA(c) isalpha((c))
|
||||
#endif
|
||||
/* needed by wolfSSL_check_domain_name() */
|
||||
#define XTOLOWER(c) tolower((c))
|
||||
#endif
|
||||
#define XTOUPPER(c) toupper((c))
|
||||
#define XISALPHA(c) isalpha((c))
|
||||
#endif
|
||||
/* needed by wolfSSL_check_domain_name() */
|
||||
#define XTOLOWER(c) tolower((c))
|
||||
#endif
|
||||
|
||||
|
||||
/* memory allocation types for user hints */
|
||||
enum {
|
||||
/* memory allocation types for user hints */
|
||||
enum {
|
||||
DYNAMIC_TYPE_CA = 1,
|
||||
DYNAMIC_TYPE_CERT = 2,
|
||||
DYNAMIC_TYPE_KEY = 3,
|
||||
@@ -488,17 +502,17 @@
|
||||
DYNAMIC_TYPE_HASH_TMP = 88,
|
||||
DYNAMIC_TYPE_BLOB = 89,
|
||||
DYNAMIC_TYPE_NAME_ENTRY = 90,
|
||||
};
|
||||
};
|
||||
|
||||
/* max error buffer string size */
|
||||
/* max error buffer string size */
|
||||
#ifndef WOLFSSL_MAX_ERROR_SZ
|
||||
#define WOLFSSL_MAX_ERROR_SZ 80
|
||||
#define WOLFSSL_MAX_ERROR_SZ 80
|
||||
#endif
|
||||
|
||||
/* stack protection */
|
||||
enum {
|
||||
MIN_STACK_BUFFER = 8
|
||||
};
|
||||
/* stack protection */
|
||||
enum {
|
||||
MIN_STACK_BUFFER = 8
|
||||
};
|
||||
|
||||
|
||||
/* Algorithm Types */
|
||||
@@ -565,39 +579,39 @@
|
||||
};
|
||||
|
||||
|
||||
/* settings detection for compile vs runtime math incompatibilities */
|
||||
enum {
|
||||
#if !defined(USE_FAST_MATH) && !defined(SIZEOF_LONG) && !defined(SIZEOF_LONG_LONG)
|
||||
CTC_SETTINGS = 0x0
|
||||
#elif !defined(USE_FAST_MATH) && defined(SIZEOF_LONG) && (SIZEOF_LONG == 8)
|
||||
CTC_SETTINGS = 0x1
|
||||
#elif !defined(USE_FAST_MATH) && defined(SIZEOF_LONG_LONG) && (SIZEOF_LONG_LONG == 8)
|
||||
CTC_SETTINGS = 0x2
|
||||
#elif !defined(USE_FAST_MATH) && defined(SIZEOF_LONG_LONG) && (SIZEOF_LONG_LONG == 4)
|
||||
CTC_SETTINGS = 0x4
|
||||
#elif defined(USE_FAST_MATH) && !defined(SIZEOF_LONG) && !defined(SIZEOF_LONG_LONG)
|
||||
CTC_SETTINGS = 0x8
|
||||
#elif defined(USE_FAST_MATH) && defined(SIZEOF_LONG) && (SIZEOF_LONG == 8)
|
||||
CTC_SETTINGS = 0x10
|
||||
#elif defined(USE_FAST_MATH) && defined(SIZEOF_LONG_LONG) && (SIZEOF_LONG_LONG == 8)
|
||||
CTC_SETTINGS = 0x20
|
||||
#elif defined(USE_FAST_MATH) && defined(SIZEOF_LONG_LONG) && (SIZEOF_LONG_LONG == 4)
|
||||
CTC_SETTINGS = 0x40
|
||||
#else
|
||||
#error "bad math long / long long settings"
|
||||
#endif
|
||||
};
|
||||
/* settings detection for compile vs runtime math incompatibilities */
|
||||
enum {
|
||||
#if !defined(USE_FAST_MATH) && !defined(SIZEOF_LONG) && !defined(SIZEOF_LONG_LONG)
|
||||
CTC_SETTINGS = 0x0
|
||||
#elif !defined(USE_FAST_MATH) && defined(SIZEOF_LONG) && (SIZEOF_LONG == 8)
|
||||
CTC_SETTINGS = 0x1
|
||||
#elif !defined(USE_FAST_MATH) && defined(SIZEOF_LONG_LONG) && (SIZEOF_LONG_LONG == 8)
|
||||
CTC_SETTINGS = 0x2
|
||||
#elif !defined(USE_FAST_MATH) && defined(SIZEOF_LONG_LONG) && (SIZEOF_LONG_LONG == 4)
|
||||
CTC_SETTINGS = 0x4
|
||||
#elif defined(USE_FAST_MATH) && !defined(SIZEOF_LONG) && !defined(SIZEOF_LONG_LONG)
|
||||
CTC_SETTINGS = 0x8
|
||||
#elif defined(USE_FAST_MATH) && defined(SIZEOF_LONG) && (SIZEOF_LONG == 8)
|
||||
CTC_SETTINGS = 0x10
|
||||
#elif defined(USE_FAST_MATH) && defined(SIZEOF_LONG_LONG) && (SIZEOF_LONG_LONG == 8)
|
||||
CTC_SETTINGS = 0x20
|
||||
#elif defined(USE_FAST_MATH) && defined(SIZEOF_LONG_LONG) && (SIZEOF_LONG_LONG == 4)
|
||||
CTC_SETTINGS = 0x40
|
||||
#else
|
||||
#error "bad math long / long long settings"
|
||||
#endif
|
||||
};
|
||||
|
||||
|
||||
WOLFSSL_API word32 CheckRunTimeSettings(void);
|
||||
WOLFSSL_API word32 CheckRunTimeSettings(void);
|
||||
|
||||
/* If user uses RSA, DH, DSA, or ECC math lib directly then fast math and long
|
||||
types need to match at compile time and run time, CheckCtcSettings will
|
||||
return 1 if a match otherwise 0 */
|
||||
#define CheckCtcSettings() (CTC_SETTINGS == CheckRunTimeSettings())
|
||||
/* If user uses RSA, DH, DSA, or ECC math lib directly then fast math and long
|
||||
types need to match at compile time and run time, CheckCtcSettings will
|
||||
return 1 if a match otherwise 0 */
|
||||
#define CheckCtcSettings() (CTC_SETTINGS == CheckRunTimeSettings())
|
||||
|
||||
/* invalid device id */
|
||||
#define INVALID_DEVID -2
|
||||
/* invalid device id */
|
||||
#define INVALID_DEVID -2
|
||||
|
||||
|
||||
/* AESNI requires alignment and ARMASM gains some performance from it */
|
||||
@@ -720,8 +734,8 @@
|
||||
#define WC_MP_TO_RADIX
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
} /* extern "C" */
|
||||
#endif
|
||||
#ifdef __cplusplus
|
||||
} /* extern "C" */
|
||||
#endif
|
||||
|
||||
#endif /* WOLF_CRYPT_TYPES_H */
|
||||
|
||||
Reference in New Issue
Block a user