From b4996e35fa74435db83683c3179e1b8850f76794 Mon Sep 17 00:00:00 2001 From: Sean Parkinson Date: Thu, 21 Feb 2019 08:09:52 +1000 Subject: [PATCH] Set MAX_PRF_HALF bigger for large FFDHE parameters Stack size measurement is in a thread - free local fp_cache --- examples/client/client.c | 5 +++++ examples/server/server.c | 4 ++-- wolfssl/wolfcrypt/hash.h | 6 ++++++ 3 files changed, 13 insertions(+), 2 deletions(-) diff --git a/examples/client/client.c b/examples/client/client.c index 9279a4927..d1859bda8 100644 --- a/examples/client/client.c +++ b/examples/client/client.c @@ -3185,6 +3185,11 @@ exit: wolfAsync_DevClose(&devId); #endif +#if defined(HAVE_ECC) && defined(FP_ECC) && defined(HAVE_THREAD_LS) \ + && defined(HAVE_STACK_SIZE) + wc_ecc_fp_free(); /* free per thread cache */ +#endif + /* There are use cases when these assignments are not read. To avoid * potential confusion those warnings have been handled here. */ diff --git a/examples/server/server.c b/examples/server/server.c index 105ac547d..e2f4c13cb 100644 --- a/examples/server/server.c +++ b/examples/server/server.c @@ -2279,8 +2279,8 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args) exit: -#if defined(NO_MAIN_DRIVER) && defined(HAVE_ECC) && defined(FP_ECC) \ - && defined(HAVE_THREAD_LS) +#if defined(HAVE_ECC) && defined(FP_ECC) && defined(HAVE_THREAD_LS) \ + && (defined(NO_MAIN_DRIVER) || defined(HAVE_STACK_SIZE)) wc_ecc_fp_free(); /* free per thread cache */ #endif diff --git a/wolfssl/wolfcrypt/hash.h b/wolfssl/wolfcrypt/hash.h index 300e9e774..26d4ce523 100644 --- a/wolfssl/wolfcrypt/hash.h +++ b/wolfssl/wolfcrypt/hash.h @@ -194,7 +194,13 @@ WOLFSSL_API int wc_Sha512Hash(const byte*, word32, byte*); #endif /* WOLFSSL_SHA512 */ enum max_prf { +#ifdef HAVE_FFDHE_8192 + MAX_PRF_HALF = 512, /* Maximum half secret len */ +#elif defined(HAVE_FFDHE_6144) + MAX_PRF_HALF = 384, /* Maximum half secret len */ +#else MAX_PRF_HALF = 256, /* Maximum half secret len */ +#endif MAX_PRF_LABSEED = 128, /* Maximum label + seed len */ MAX_PRF_DIG = 224 /* Maximum digest len */ };