@ -4662,6 +4662,11 @@ fi
|
|||||||
if test "$ENABLED_WOLFSENTRY" = "yes"
|
if test "$ENABLED_WOLFSENTRY" = "yes"
|
||||||
then
|
then
|
||||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_WOLFSENTRY_HOOKS -DHAVE_EX_DATA -DHAVE_EX_DATA_CLEANUP_HOOKS"
|
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_WOLFSENTRY_HOOKS -DHAVE_EX_DATA -DHAVE_EX_DATA_CLEANUP_HOOKS"
|
||||||
|
if test "$ENABLED_OPENSSLEXTRA" = "no"
|
||||||
|
then
|
||||||
|
ENABLED_OPENSSLEXTRA="yes"
|
||||||
|
AM_CFLAGS="$AM_CFLAGS -DOPENSSL_EXTRA"
|
||||||
|
fi
|
||||||
WOLFSENTRY_LIB="$WOLFSENTRY_LIB -lwolfsentry"
|
WOLFSENTRY_LIB="$WOLFSENTRY_LIB -lwolfsentry"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
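Review bot: Setting `ENABLED_OPENSSLEXTRA="yes"` this late only affects checks that run after this block; any earlier test of `$ENABLED_OPENSSLEXTRA` (none is visible in this hunk) has already been evaluated with `no`, so the build could get `-DOPENSSL_EXTRA` without the settings that normally accompany it. The change also widens the compiled API surface of every wolfSentry build without telling the person running configure. I would add `AC_MSG_NOTICE([wolfSentry hooks need the X509_NAME API; enabling opensslextra])` inside the inner `if`, plus a short comment naming the earlier option checks that were confirmed not to depend on the flag.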
|
@ -471,6 +471,16 @@
|
|||||||
unsigned int serialSz);
|
unsigned int serialSz);
|
||||||
#endif
|
#endif
|
||||||
#endif /* NO_SKID */
|
#endif /* NO_SKID */
|
||||||
|
|
||||||
|
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||||
|
struct WOLFSSL_X509_NAME;
|
||||||
|
extern int wolfSSL_X509_NAME_add_entry_by_NID(struct WOLFSSL_X509_NAME *name, int nid,
|
||||||
|
int type, const unsigned char *bytes,
|
||||||
|
int len, int loc, int set);
|
||||||
|
extern void wolfSSL_X509_NAME_free(struct WOLFSSL_X509_NAME* name);
|
||||||
|
extern struct WOLFSSL_X509_NAME* wolfSSL_X509_NAME_new_ex(void *heap);
|
||||||
|
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
|
||||||
|
|
||||||
#endif /* !WOLFCRYPT_ONLY && !NO_CERTS */
|
#endif /* !WOLFCRYPT_ONLY && !NO_CERTS */
|
||||||
|
|
||||||
#if defined(__PIE__) && !defined(USE_WOLFSSL_LINUXKM_PIE_REDIRECT_TABLE)
|
#if defined(__PIE__) && !defined(USE_WOLFSSL_LINUXKM_PIE_REDIRECT_TABLE)
|
||||||
@ -645,6 +655,13 @@
|
|||||||
#ifdef WOLFSSL_AKID_NAME
|
#ifdef WOLFSSL_AKID_NAME
|
||||||
typeof(GetCAByAKID) *GetCAByAKID;
|
typeof(GetCAByAKID) *GetCAByAKID;
|
||||||
#endif /* WOLFSSL_AKID_NAME */
|
#endif /* WOLFSSL_AKID_NAME */
|
||||||
|
|
||||||
|
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||||
|
typeof(wolfSSL_X509_NAME_add_entry_by_NID) *wolfSSL_X509_NAME_add_entry_by_NID;
|
||||||
|
typeof(wolfSSL_X509_NAME_free) *wolfSSL_X509_NAME_free;
|
||||||
|
typeof(wolfSSL_X509_NAME_new_ex) *wolfSSL_X509_NAME_new_ex;
|
||||||
|
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
|
||||||
|
|
||||||
#endif /* !WOLFCRYPT_ONLY && !NO_CERTS */
|
#endif /* !WOLFCRYPT_ONLY && !NO_CERTS */
|
||||||
|
|
||||||
#ifdef WOLFSSL_DEBUG_BACKTRACE_ERROR_CODES
|
#ifdef WOLFSSL_DEBUG_BACKTRACE_ERROR_CODES
|
||||||
@ -800,6 +817,13 @@
|
|||||||
#ifdef WOLFSSL_AKID_NAME
|
#ifdef WOLFSSL_AKID_NAME
|
||||||
#define GetCAByAKID (wolfssl_linuxkm_get_pie_redirect_table()->GetCAByAKID)
|
#define GetCAByAKID (wolfssl_linuxkm_get_pie_redirect_table()->GetCAByAKID)
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||||
|
#define wolfSSL_X509_NAME_add_entry_by_NID (wolfssl_linuxkm_get_pie_redirect_table()->wolfSSL_X509_NAME_add_entry_by_NID)
|
||||||
|
#define wolfSSL_X509_NAME_free (wolfssl_linuxkm_get_pie_redirect_table()->wolfSSL_X509_NAME_free)
|
||||||
|
#define wolfSSL_X509_NAME_new_ex (wolfssl_linuxkm_get_pie_redirect_table()->wolfSSL_X509_NAME_new_ex)
|
||||||
|
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
|
||||||
|
|
||||||
#endif /* !WOLFCRYPT_ONLY && !NO_CERTS */
|
#endif /* !WOLFCRYPT_ONLY && !NO_CERTS */
|
||||||
|
|
||||||
#ifdef WOLFSSL_DEBUG_BACKTRACE_ERROR_CODES
|
#ifdef WOLFSSL_DEBUG_BACKTRACE_ERROR_CODES
|
||||||
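Review bot: The three hand-copied `extern` prototypes added under `OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL` carry no comment saying they must stay identical to the public declarations. This commit wraps those public declarations in `#ifndef wolfSSL_X509_NAME_add_entry_by_NID`-style guards, so they disappear whenever the redirect macros from the third hunk are defined. A signature drift would then be caught only in a translation unit that happens to see both copies. I would put a comment above the block such as `/* Duplicated from the public header because the redirect macros below hide the originals; keep the signatures in sync. */` and give the same reason next to the matching `typeof(...)` table members.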
|
@ -26,6 +26,14 @@
|
|||||||
#error lkcapi_glue.c included in non-LINUXKM_LKCAPI_REGISTER project.
|
#error lkcapi_glue.c included in non-LINUXKM_LKCAPI_REGISTER project.
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
/* kernel crypto self-test includes test setups that have different expected
|
||||||
|
* results FIPS vs non-FIPS.
|
||||||
|
*/
|
||||||
|
#if defined(CONFIG_CRYPTO_MANAGER) && \
|
||||||
|
(defined(CONFIG_CRYPTO_FIPS) != defined(HAVE_FIPS))
|
||||||
|
#error CONFIG_CRYPTO_MANAGER requires that CONFIG_CRYPTO_FIPS match HAVE_FIPS.
|
||||||
|
#endif
|
||||||
|
|
||||||
#ifndef WOLFSSL_LINUXKM_LKCAPI_PRIORITY
|
#ifndef WOLFSSL_LINUXKM_LKCAPI_PRIORITY
|
||||||
/* Larger number means higher priority. The highest in-tree priority is 4001,
|
/* Larger number means higher priority. The highest in-tree priority is 4001,
|
||||||
* in the Cavium driver.
|
* in the Cavium driver.
|
||||||
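Review bot: `defined(CONFIG_CRYPTO_MANAGER)` is true only when the option is built in; when the crypto manager is configured as a module, kbuild defines `CONFIG_CRYPTO_MANAGER_MODULE` instead, so this guard is skipped and a FIPS/non-FIPS mismatch compiles silently. Assuming the kernel's kconfig helpers are already included at this point (not visible in the hunk), `#if IS_ENABLED(CONFIG_CRYPTO_MANAGER) && \` covers both cases. The comment above the check could also say that the mismatch shows up as self-test failures when the algorithms are registered, so the reason for the hard `#error` is clear to whoever hits it.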
|
@ -584,6 +584,11 @@ static int set_up_wolfssl_linuxkm_pie_redirect_table(void) {
|
|||||||
#ifdef WOLFSSL_AKID_NAME
|
#ifdef WOLFSSL_AKID_NAME
|
||||||
wolfssl_linuxkm_pie_redirect_table.GetCAByAKID = GetCAByAKID;
|
wolfssl_linuxkm_pie_redirect_table.GetCAByAKID = GetCAByAKID;
|
||||||
#endif /* WOLFSSL_AKID_NAME */
|
#endif /* WOLFSSL_AKID_NAME */
|
||||||
|
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||||
|
wolfssl_linuxkm_pie_redirect_table.wolfSSL_X509_NAME_add_entry_by_NID = wolfSSL_X509_NAME_add_entry_by_NID;
|
||||||
|
wolfssl_linuxkm_pie_redirect_table.wolfSSL_X509_NAME_free = wolfSSL_X509_NAME_free;
|
||||||
|
wolfssl_linuxkm_pie_redirect_table.wolfSSL_X509_NAME_new_ex = wolfSSL_X509_NAME_new_ex;
|
||||||
|
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
|
||||||
#endif /* !WOLFCRYPT_ONLY && !NO_CERTS */
|
#endif /* !WOLFCRYPT_ONLY && !NO_CERTS */
|
||||||
|
|
||||||
#ifdef WOLFSSL_DEBUG_BACKTRACE_ERROR_CODES
|
#ifdef WOLFSSL_DEBUG_BACKTRACE_ERROR_CODES
|
||||||
|
@ -2614,7 +2614,7 @@ void wolfSSL_DES_cbc_encrypt(const unsigned char* input, unsigned char* output,
|
|||||||
WOLFSSL_ENTER("wolfSSL_DES_cbc_encrypt");
|
WOLFSSL_ENTER("wolfSSL_DES_cbc_encrypt");
|
||||||
|
|
||||||
#ifdef WOLFSSL_SMALL_STACK
|
#ifdef WOLFSSL_SMALL_STACK
|
||||||
des = XMALLOC(sizeof(Des3), NULL, DYNAMIC_TYPE_CIPHER);
|
des = (Des*)XMALLOC(sizeof(Des3), NULL, DYNAMIC_TYPE_CIPHER);
|
||||||
if (des == NULL) {
|
if (des == NULL) {
|
||||||
WOLFSSL_MSG("Failed to allocate memory for Des object");
|
WOLFSSL_MSG("Failed to allocate memory for Des object");
|
||||||
}
|
}
|
||||||
@ -2732,7 +2732,7 @@ void wolfSSL_DES_ede3_cbc_encrypt(const unsigned char* input,
|
|||||||
WOLFSSL_ENTER("wolfSSL_DES_ede3_cbc_encrypt");
|
WOLFSSL_ENTER("wolfSSL_DES_ede3_cbc_encrypt");
|
||||||
|
|
||||||
#ifdef WOLFSSL_SMALL_STACK
|
#ifdef WOLFSSL_SMALL_STACK
|
||||||
des3 = XMALLOC(sizeof(Des3), NULL, DYNAMIC_TYPE_CIPHER);
|
des3 = (Des3*)XMALLOC(sizeof(Des3), NULL, DYNAMIC_TYPE_CIPHER);
|
||||||
if (des3 == NULL) {
|
if (des3 == NULL) {
|
||||||
WOLFSSL_MSG("Failed to allocate memory for Des3 object");
|
WOLFSSL_MSG("Failed to allocate memory for Des3 object");
|
||||||
sz = 0;
|
sz = 0;
|
||||||
@ -2862,7 +2862,9 @@ void wolfSSL_DES_ecb_encrypt(WOLFSSL_DES_cblock* in, WOLFSSL_DES_cblock* out,
|
|||||||
WOLFSSL_MSG("Bad argument passed to wolfSSL_DES_ecb_encrypt");
|
WOLFSSL_MSG("Bad argument passed to wolfSSL_DES_ecb_encrypt");
|
||||||
}
|
}
|
||||||
#ifdef WOLFSSL_SMALL_STACK
|
#ifdef WOLFSSL_SMALL_STACK
|
||||||
else if ((des = XMALLOC(sizeof(Des), NULL, DYNAMIC_TYPE_CIPHER)) == NULL) {
|
else if ((des = (Des*)XMALLOC(sizeof(Des), NULL, DYNAMIC_TYPE_CIPHER))
|
||||||
|
== NULL)
|
||||||
|
{
|
||||||
WOLFSSL_MSG("Failed to allocate memory for Des object");
|
WOLFSSL_MSG("Failed to allocate memory for Des object");
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
@ -3039,7 +3041,7 @@ void wolfSSL_AES_decrypt(const unsigned char* input, unsigned char* output,
|
|||||||
}
|
}
|
||||||
else
|
else
|
||||||
#if !defined(HAVE_SELFTEST) && \
|
#if !defined(HAVE_SELFTEST) && \
|
||||||
(!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
|
(!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION3_GE(5,2,1)))
|
||||||
/* Decrypt a block with wolfCrypt AES. */
|
/* Decrypt a block with wolfCrypt AES. */
|
||||||
if (wc_AesDecryptDirect((Aes*)key, output, input) != 0) {
|
if (wc_AesDecryptDirect((Aes*)key, output, input) != 0) {
|
||||||
WOLFSSL_MSG("wc_AesDecryptDirect failed");
|
WOLFSSL_MSG("wc_AesDecryptDirect failed");
|
||||||
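Review bot: In the `wolfSSL_AES_decrypt` hunk the condition still tests `defined(FIPS_VERSION_GE)` but now expands `FIPS_VERSION3_GE(5,2,1)`, so the `defined()` check no longer guards the macro that is actually used. If both macros always come from the same header this is only an inconsistency, but a configuration that provides one without the other would break the `#if`; `(!defined(HAVE_FIPS) || (defined(FIPS_VERSION3_GE) && FIPS_VERSION3_GE(5,2,1)))` keeps the guard and the use aligned. Separately, the `wolfSSL_DES_cbc_encrypt` hunk casts the result to `Des*` while sizing the allocation with `sizeof(Des3)`; unless something outside the hunk relies on the larger size, `sizeof(*des)` would tie the allocation to the pointer type. Both function bodies continue outside their hunks.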
|
21
tests/api.c
21
tests/api.c
@ -34962,7 +34962,7 @@ static int test_wc_dilithium_der(void)
|
|||||||
int pubDerLen;
|
int pubDerLen;
|
||||||
int privDerLen;
|
int privDerLen;
|
||||||
int keyDerLen;
|
int keyDerLen;
|
||||||
word32 idx;
|
word32 idx = 0;
|
||||||
|
|
||||||
#ifndef WOLFSSL_NO_ML_DSA_44
|
#ifndef WOLFSSL_NO_ML_DSA_44
|
||||||
pubLen = DILITHIUM_LEVEL2_PUB_KEY_SIZE;
|
pubLen = DILITHIUM_LEVEL2_PUB_KEY_SIZE;
|
||||||
@ -34989,6 +34989,9 @@ static int test_wc_dilithium_der(void)
|
|||||||
if (key != NULL) {
|
if (key != NULL) {
|
||||||
XMEMSET(key, 0, sizeof(*key));
|
XMEMSET(key, 0, sizeof(*key));
|
||||||
}
|
}
|
||||||
|
if (der != NULL) {
|
||||||
|
XMEMSET(der, 0, sizeof(*der));
|
||||||
|
}
|
||||||
XMEMSET(&rng, 0, sizeof(WC_RNG));
|
XMEMSET(&rng, 0, sizeof(WC_RNG));
|
||||||
ExpectIntEQ(wc_InitRng(&rng), 0);
|
ExpectIntEQ(wc_InitRng(&rng), 0);
|
||||||
ExpectIntEQ(wc_dilithium_init(key), 0);
|
ExpectIntEQ(wc_dilithium_init(key), 0);
|
||||||
@ -35002,21 +35005,21 @@ static int test_wc_dilithium_der(void)
|
|||||||
/* When security level is not set, we attempt to parse it from DER. Since
|
/* When security level is not set, we attempt to parse it from DER. Since
|
||||||
* the supplied DER is invalid, this should fail with ASN parsing error */
|
* the supplied DER is invalid, this should fail with ASN parsing error */
|
||||||
idx = 0;
|
idx = 0;
|
||||||
|
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
|
||||||
ExpectIntEQ(wc_Dilithium_PublicKeyDecode(der, &idx, key, pubDerLen),
|
ExpectIntEQ(wc_Dilithium_PublicKeyDecode(der, &idx, key, pubDerLen),
|
||||||
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
|
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
|
||||||
WC_NO_ERR_TRACE(BAD_FUNC_ARG)
|
|
||||||
#else
|
#else
|
||||||
WC_NO_ERR_TRACE(ASN_PARSE_E)
|
ExpectIntEQ(wc_Dilithium_PublicKeyDecode(der, &idx, key, pubDerLen),
|
||||||
|
WC_NO_ERR_TRACE(ASN_PARSE_E));
|
||||||
#endif
|
#endif
|
||||||
);
|
|
||||||
idx = 0;
|
idx = 0;
|
||||||
ExpectIntEQ(wc_Dilithium_PrivateKeyDecode(der, &idx, key, privDerLen),
|
|
||||||
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
|
#ifdef WOLFSSL_DILITHIUM_FIPS204_DRAFT
|
||||||
WC_NO_ERR_TRACE(BAD_FUNC_ARG)
|
ExpectIntEQ(wc_Dilithium_PrivateKeyDecode(der, &idx, key, privDerLen),
|
||||||
|
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
|
||||||
#else
|
#else
|
||||||
WC_NO_ERR_TRACE(ASN_PARSE_E)
|
ExpectIntEQ(wc_Dilithium_PrivateKeyDecode(der, &idx, key, privDerLen),
|
||||||
|
WC_NO_ERR_TRACE(ASN_PARSE_E));
|
||||||
#endif
|
#endif
|
||||||
);
|
|
||||||
|
|
||||||
#ifndef WOLFSSL_NO_ML_DSA_44
|
#ifndef WOLFSSL_NO_ML_DSA_44
|
||||||
ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_44), 0);
|
ExpectIntEQ(wc_dilithium_set_level(key, WC_ML_DSA_44), 0);
|
||||||
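Review bot: The added `XMEMSET(der, 0, sizeof(*der));` clears only `sizeof(*der)` bytes. If `der` is a `byte*` buffer, as its use as the input of `wc_Dilithium_PublicKeyDecode(der, &idx, key, pubDerLen)` suggests, that is a single byte, and the rest of the allocation is still uninitialized when the decode calls parse it. The declaration and allocation of `der` are outside the hunks, so this needs confirming. The length should be the one passed to the allocator: `XMEMSET(der, 0, <der allocation size>);`. Otherwise the "supplied DER is invalid" expectations below depend on whatever the heap happened to contain.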
|
@ -44,6 +44,9 @@ const char* wc_GetErrorString(int error)
|
|||||||
{
|
{
|
||||||
switch ((enum wolfCrypt_ErrorCodes)error) {
|
switch ((enum wolfCrypt_ErrorCodes)error) {
|
||||||
|
|
||||||
|
case WC_FAILURE:
|
||||||
|
return "wolfCrypt generic failure";
|
||||||
|
|
||||||
case MP_MEM :
|
case MP_MEM :
|
||||||
return "MP integer dynamic memory allocation failed";
|
return "MP integer dynamic memory allocation failed";
|
||||||
|
|
||||||
|
@ -765,7 +765,7 @@ int wc_LmsKey_MakeKey(LmsKey* key, WC_RNG* rng)
|
|||||||
|
|
||||||
#ifdef WOLFSSL_SMALL_STACK
|
#ifdef WOLFSSL_SMALL_STACK
|
||||||
/* Allocate memory for working state. */
|
/* Allocate memory for working state. */
|
||||||
state = XMALLOC(sizeof(LmsState), NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
state = (LmsState*)XMALLOC(sizeof(LmsState), NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
if (state == NULL) {
|
if (state == NULL) {
|
||||||
ret = MEMORY_E;
|
ret = MEMORY_E;
|
||||||
}
|
}
|
||||||
@ -880,7 +880,7 @@ int wc_LmsKey_Reload(LmsKey* key)
|
|||||||
|
|
||||||
#ifdef WOLFSSL_SMALL_STACK
|
#ifdef WOLFSSL_SMALL_STACK
|
||||||
/* Allocate memory for working state. */
|
/* Allocate memory for working state. */
|
||||||
state = XMALLOC(sizeof(LmsState), NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
state = (LmsState*)XMALLOC(sizeof(LmsState), NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
if (state == NULL) {
|
if (state == NULL) {
|
||||||
ret = MEMORY_E;
|
ret = MEMORY_E;
|
||||||
}
|
}
|
||||||
@ -978,7 +978,7 @@ int wc_LmsKey_Sign(LmsKey* key, byte* sig, word32* sigSz, const byte* msg,
|
|||||||
|
|
||||||
#ifdef WOLFSSL_SMALL_STACK
|
#ifdef WOLFSSL_SMALL_STACK
|
||||||
/* Allocate memory for working state. */
|
/* Allocate memory for working state. */
|
||||||
state = XMALLOC(sizeof(LmsState), NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
state = (LmsState*)XMALLOC(sizeof(LmsState), NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
if (state == NULL) {
|
if (state == NULL) {
|
||||||
ret = MEMORY_E;
|
ret = MEMORY_E;
|
||||||
}
|
}
|
||||||
@ -1239,7 +1239,7 @@ int wc_LmsKey_Verify(LmsKey* key, const byte* sig, word32 sigSz,
|
|||||||
|
|
||||||
#ifdef WOLFSSL_SMALL_STACK
|
#ifdef WOLFSSL_SMALL_STACK
|
||||||
/* Allocate memory for working state. */
|
/* Allocate memory for working state. */
|
||||||
state = XMALLOC(sizeof(LmsState), NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
state = (LmsState*)XMALLOC(sizeof(LmsState), NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
if (state == NULL) {
|
if (state == NULL) {
|
||||||
ret = MEMORY_E;
|
ret = MEMORY_E;
|
||||||
}
|
}
|
||||||
|
@ -1962,7 +1962,7 @@ static int wc_lms_treehash_init(LmsState* state, LmsPrivState* privState,
|
|||||||
|
|
||||||
#ifdef WOLFSSL_SMALL_STACK
|
#ifdef WOLFSSL_SMALL_STACK
|
||||||
/* Allocate stack of left side hashes. */
|
/* Allocate stack of left side hashes. */
|
||||||
stack = XMALLOC((params->height + 1) * params->hash_len, NULL,
|
stack = (byte*)XMALLOC((params->height + 1) * params->hash_len, NULL,
|
||||||
DYNAMIC_TYPE_TMP_BUFFER);
|
DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
if (stack == NULL) {
|
if (stack == NULL) {
|
||||||
ret = MEMORY_E;
|
ret = MEMORY_E;
|
||||||
@ -2088,7 +2088,7 @@ static int wc_lms_treehash_update(LmsState* state, LmsPrivState* privState,
|
|||||||
|
|
||||||
#ifdef WOLFSSL_SMALL_STACK
|
#ifdef WOLFSSL_SMALL_STACK
|
||||||
/* Allocate stack of left side hashes. */
|
/* Allocate stack of left side hashes. */
|
||||||
stack = XMALLOC((params->height + 1) * params->hash_len, NULL,
|
stack = (byte*)XMALLOC((params->height + 1) * params->hash_len, NULL,
|
||||||
DYNAMIC_TYPE_TMP_BUFFER);
|
DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
if (stack == NULL) {
|
if (stack == NULL) {
|
||||||
ret = MEMORY_E;
|
ret = MEMORY_E;
|
||||||
|
@ -738,7 +738,7 @@ static WC_INLINE int wc_xmsskey_signupdate(XmssKey* key, byte* sig,
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
#ifdef WOLFSSL_SMALL_STACK
|
#ifdef WOLFSSL_SMALL_STACK
|
||||||
state = XMALLOC(sizeof(XmssState), NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
state = (XmssState*)XMALLOC(sizeof(XmssState), NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
if (state == NULL) {
|
if (state == NULL) {
|
||||||
ret = MEMORY_E;
|
ret = MEMORY_E;
|
||||||
}
|
}
|
||||||
@ -1109,7 +1109,7 @@ int wc_XmssKey_MakeKey(XmssKey* key, WC_RNG* rng)
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
#ifdef WOLFSSL_SMALL_STACK
|
#ifdef WOLFSSL_SMALL_STACK
|
||||||
state = XMALLOC(sizeof(XmssState), NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
state = (XmssState*)XMALLOC(sizeof(XmssState), NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
if (state == NULL) {
|
if (state == NULL) {
|
||||||
ret = MEMORY_E;
|
ret = MEMORY_E;
|
||||||
}
|
}
|
||||||
@ -1645,7 +1645,7 @@ int wc_XmssKey_Verify(XmssKey* key, const byte* sig, word32 sigLen,
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
#ifdef WOLFSSL_SMALL_STACK
|
#ifdef WOLFSSL_SMALL_STACK
|
||||||
state = XMALLOC(sizeof(XmssState), NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
state = (XmssState*)XMALLOC(sizeof(XmssState), NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
if (state == NULL) {
|
if (state == NULL) {
|
||||||
ret = MEMORY_E;
|
ret = MEMORY_E;
|
||||||
}
|
}
|
||||||
|
@ -33733,9 +33733,9 @@ static wc_test_ret_t ecc_ctx_kdf_salt_test(WC_RNG* rng, ecc_key* a, ecc_key* b)
|
|||||||
int bInit = 0;
|
int bInit = 0;
|
||||||
|
|
||||||
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
|
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
|
||||||
plaintext = XMALLOC(MAX_ECIES_TEST_SZ, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
plaintext = (byte*)XMALLOC(MAX_ECIES_TEST_SZ, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
encrypted = XMALLOC(MAX_ECIES_TEST_SZ, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
encrypted = (byte*)XMALLOC(MAX_ECIES_TEST_SZ, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
decrypted = XMALLOC(MAX_ECIES_TEST_SZ, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
decrypted = (byte*)XMALLOC(MAX_ECIES_TEST_SZ, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
wc_ecc_free(a);
|
wc_ecc_free(a);
|
||||||
@ -45867,8 +45867,12 @@ static wc_test_ret_t test_dilithium_decode_level(const byte* rawKey,
|
|||||||
int expectedLevel,
|
int expectedLevel,
|
||||||
int isPublicOnlyKey)
|
int isPublicOnlyKey)
|
||||||
{
|
{
|
||||||
int ret;
|
int ret = 0;
|
||||||
dilithium_key key;
|
#ifdef WOLFSSL_SMALL_STACK
|
||||||
|
dilithium_key *key = NULL;
|
||||||
|
#else
|
||||||
|
dilithium_key key[1];
|
||||||
|
#endif
|
||||||
word32 idx;
|
word32 idx;
|
||||||
byte* der;
|
byte* der;
|
||||||
word32 derSz;
|
word32 derSz;
|
||||||
@ -45882,23 +45886,31 @@ static wc_test_ret_t test_dilithium_decode_level(const byte* rawKey,
|
|||||||
return MEMORY_E;
|
return MEMORY_E;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#ifdef WOLFSSL_SMALL_STACK
|
||||||
|
key = (dilithium_key *)XMALLOC(sizeof(*key), HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
|
if (key == NULL)
|
||||||
|
ret = MEMORY_E;
|
||||||
|
#endif
|
||||||
|
|
||||||
/* Initialize key */
|
/* Initialize key */
|
||||||
ret = wc_dilithium_init(&key);
|
if (ret == 0) {
|
||||||
|
ret = wc_dilithium_init(key);
|
||||||
|
}
|
||||||
|
|
||||||
/* Import raw key, setting the security level */
|
/* Import raw key, setting the security level */
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
ret = wc_dilithium_set_level(&key, expectedLevel);
|
ret = wc_dilithium_set_level(key, expectedLevel);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
#ifdef WOLFSSL_DILITHIUM_PUBLIC_KEY
|
#ifdef WOLFSSL_DILITHIUM_PUBLIC_KEY
|
||||||
if (isPublicOnlyKey) {
|
if (isPublicOnlyKey) {
|
||||||
ret = wc_dilithium_import_public(rawKey, rawKeySz, &key);
|
ret = wc_dilithium_import_public(rawKey, rawKeySz, key);
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
#ifdef WOLFSSL_DILITHIUM_PRIVATE_KEY
|
#ifdef WOLFSSL_DILITHIUM_PRIVATE_KEY
|
||||||
if (!isPublicOnlyKey) {
|
if (!isPublicOnlyKey) {
|
||||||
ret = wc_dilithium_import_private(rawKey, rawKeySz, &key);
|
ret = wc_dilithium_import_private(rawKey, rawKeySz, key);
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
@ -45907,12 +45919,12 @@ static wc_test_ret_t test_dilithium_decode_level(const byte* rawKey,
|
|||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
#ifdef WOLFSSL_DILITHIUM_PUBLIC_KEY
|
#ifdef WOLFSSL_DILITHIUM_PUBLIC_KEY
|
||||||
if (isPublicOnlyKey) {
|
if (isPublicOnlyKey) {
|
||||||
ret = wc_Dilithium_PublicKeyToDer(&key, der, maxDerSz, 1);
|
ret = wc_Dilithium_PublicKeyToDer(key, der, maxDerSz, 1);
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
#ifdef WOLFSSL_DILITHIUM_PRIVATE_KEY
|
#ifdef WOLFSSL_DILITHIUM_PRIVATE_KEY
|
||||||
if (!isPublicOnlyKey) {
|
if (!isPublicOnlyKey) {
|
||||||
ret = wc_Dilithium_PrivateKeyToDer(&key, der, maxDerSz);
|
ret = wc_Dilithium_PrivateKeyToDer(key, der, maxDerSz);
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
if (ret >= 0) {
|
if (ret >= 0) {
|
||||||
@ -45923,33 +45935,33 @@ static wc_test_ret_t test_dilithium_decode_level(const byte* rawKey,
|
|||||||
|
|
||||||
/* Free and reinit key to test fresh decode */
|
/* Free and reinit key to test fresh decode */
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
wc_dilithium_free(&key);
|
wc_dilithium_free(key);
|
||||||
ret = wc_dilithium_init(&key);
|
ret = wc_dilithium_init(key);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* First test decoding when security level is set externally */
|
/* First test decoding when security level is set externally */
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
ret = wc_dilithium_set_level(&key, expectedLevel);
|
ret = wc_dilithium_set_level(key, expectedLevel);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
idx = 0;
|
idx = 0;
|
||||||
#ifdef WOLFSSL_DILITHIUM_PUBLIC_KEY
|
#ifdef WOLFSSL_DILITHIUM_PUBLIC_KEY
|
||||||
if (isPublicOnlyKey) {
|
if (isPublicOnlyKey) {
|
||||||
ret = wc_Dilithium_PublicKeyDecode(der, &idx, &key, derSz);
|
ret = wc_Dilithium_PublicKeyDecode(der, &idx, key, derSz);
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
#ifdef WOLFSSL_DILITHIUM_PRIVATE_KEY
|
#ifdef WOLFSSL_DILITHIUM_PRIVATE_KEY
|
||||||
if (!isPublicOnlyKey) {
|
if (!isPublicOnlyKey) {
|
||||||
ret = wc_Dilithium_PrivateKeyDecode(der, &idx, &key, derSz);
|
ret = wc_Dilithium_PrivateKeyDecode(der, &idx, key, derSz);
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Free and reinit key to test fresh decode */
|
/* Free and reinit key to test fresh decode */
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
wc_dilithium_free(&key);
|
wc_dilithium_free(key);
|
||||||
ret = wc_dilithium_init(&key);
|
ret = wc_dilithium_init(key);
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifndef WOLFSSL_DILITHIUM_FIPS204_DRAFT
|
#ifndef WOLFSSL_DILITHIUM_FIPS204_DRAFT
|
||||||
@ -45958,28 +45970,31 @@ static wc_test_ret_t test_dilithium_decode_level(const byte* rawKey,
|
|||||||
idx = 0;
|
idx = 0;
|
||||||
#ifdef WOLFSSL_DILITHIUM_PUBLIC_KEY
|
#ifdef WOLFSSL_DILITHIUM_PUBLIC_KEY
|
||||||
if (isPublicOnlyKey) {
|
if (isPublicOnlyKey) {
|
||||||
ret = wc_Dilithium_PublicKeyDecode(der, &idx, &key, derSz);
|
ret = wc_Dilithium_PublicKeyDecode(der, &idx, key, derSz);
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
#ifdef WOLFSSL_DILITHIUM_PRIVATE_KEY
|
#ifdef WOLFSSL_DILITHIUM_PRIVATE_KEY
|
||||||
if (!isPublicOnlyKey) {
|
if (!isPublicOnlyKey) {
|
||||||
ret = wc_Dilithium_PrivateKeyDecode(der, &idx, &key, derSz);
|
ret = wc_Dilithium_PrivateKeyDecode(der, &idx, key, derSz);
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Verify auto-detected security level */
|
/* Verify auto-detected security level */
|
||||||
if (ret == 0 && key.level != expectedLevel) {
|
if (ret == 0 && key->level != expectedLevel) {
|
||||||
printf("Dilithium key decode failed to detect level.\n"
|
printf("Dilithium key decode failed to detect level.\n"
|
||||||
"\tExpected level=%d\n\tGot level=%d\n",
|
"\tExpected level=%d\n\tGot level=%d\n",
|
||||||
expectedLevel, key.level);
|
expectedLevel, key->level);
|
||||||
ret = WC_TEST_RET_ENC_NC;
|
ret = WC_TEST_RET_ENC_NC;
|
||||||
}
|
}
|
||||||
#endif /* !WOLFSSL_DILITHIUM_FIPS204_DRAFT */
|
#endif /* !WOLFSSL_DILITHIUM_FIPS204_DRAFT */
|
||||||
|
|
||||||
/* Cleanup */
|
/* Cleanup */
|
||||||
XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
wc_dilithium_free(&key);
|
wc_dilithium_free(key);
|
||||||
|
#ifdef WOLFSSL_SMALL_STACK
|
||||||
|
XFREE(key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
|
#endif
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -46827,7 +46842,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t lms_test(void)
|
|||||||
unsigned char priv[HSS_MAX_PRIVATE_KEY_LEN];
|
unsigned char priv[HSS_MAX_PRIVATE_KEY_LEN];
|
||||||
unsigned char old_priv[HSS_MAX_PRIVATE_KEY_LEN];
|
unsigned char old_priv[HSS_MAX_PRIVATE_KEY_LEN];
|
||||||
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
|
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
|
||||||
byte * sig = XMALLOC(WC_TEST_LMS_SIG_LEN, HEAP_HINT,
|
byte * sig = (byte*)XMALLOC(WC_TEST_LMS_SIG_LEN, HEAP_HINT,
|
||||||
DYNAMIC_TYPE_TMP_BUFFER);
|
DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
if (sig == NULL) {
|
if (sig == NULL) {
|
||||||
return WC_TEST_RET_ENC_ERRNO;
|
return WC_TEST_RET_ENC_ERRNO;
|
||||||
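Review bot: In `test_dilithium_decode_level`, when the `WOLFSSL_SMALL_STACK` allocation fails, `ret` becomes `MEMORY_E` and every later step is skipped, but the cleanup still calls `wc_dilithium_free(key)` with `key == NULL`. Whether that is safe depends on `wc_dilithium_free` tolerating NULL, which is not visible on this page; `if (key != NULL) wc_dilithium_free(key);` removes the dependency. The heap-allocated struct is also not zeroed before `wc_dilithium_init(key)`, so if init fails the free runs on indeterminate contents. An `XMEMSET(key, 0, sizeof(*key));` right after the allocation, as the tests/api.c hunk in this commit does, would make that path well-defined.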
|
@ -4793,15 +4793,19 @@ WOLFSSL_API int wolfSSL_X509_NAME_add_entry(WOLFSSL_X509_NAME* name,
|
|||||||
WOLFSSL_API int wolfSSL_X509_NAME_add_entry_by_txt(WOLFSSL_X509_NAME *name,
|
WOLFSSL_API int wolfSSL_X509_NAME_add_entry_by_txt(WOLFSSL_X509_NAME *name,
|
||||||
const char *field, int type, const unsigned char *bytes, int len, int loc,
|
const char *field, int type, const unsigned char *bytes, int len, int loc,
|
||||||
int set);
|
int set);
|
||||||
|
#ifndef wolfSSL_X509_NAME_add_entry_by_NID
|
||||||
WOLFSSL_API int wolfSSL_X509_NAME_add_entry_by_NID(WOLFSSL_X509_NAME *name, int nid,
|
WOLFSSL_API int wolfSSL_X509_NAME_add_entry_by_NID(WOLFSSL_X509_NAME *name, int nid,
|
||||||
int type, const unsigned char *bytes,
|
int type, const unsigned char *bytes,
|
||||||
int len, int loc, int set);
|
int len, int loc, int set);
|
||||||
|
#endif
|
||||||
WOLFSSL_API WOLFSSL_X509_NAME_ENTRY *wolfSSL_X509_NAME_delete_entry(
|
WOLFSSL_API WOLFSSL_X509_NAME_ENTRY *wolfSSL_X509_NAME_delete_entry(
|
||||||
WOLFSSL_X509_NAME *name, int loc);
|
WOLFSSL_X509_NAME *name, int loc);
|
||||||
WOLFSSL_API int wolfSSL_X509_NAME_cmp(const WOLFSSL_X509_NAME* x,
|
WOLFSSL_API int wolfSSL_X509_NAME_cmp(const WOLFSSL_X509_NAME* x,
|
||||||
const WOLFSSL_X509_NAME* y);
|
const WOLFSSL_X509_NAME* y);
|
||||||
WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_NAME_new(void);
|
WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_NAME_new(void);
|
||||||
|
#ifndef wolfSSL_X509_NAME_new_ex
|
||||||
WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_NAME_new_ex(void *heap);
|
WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_NAME_new_ex(void *heap);
|
||||||
|
#endif
|
||||||
WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_NAME_dup(WOLFSSL_X509_NAME* name);
|
WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_NAME_dup(WOLFSSL_X509_NAME* name);
|
||||||
WOLFSSL_API int wolfSSL_X509_NAME_copy(WOLFSSL_X509_NAME* from, WOLFSSL_X509_NAME* to);
|
WOLFSSL_API int wolfSSL_X509_NAME_copy(WOLFSSL_X509_NAME* from, WOLFSSL_X509_NAME* to);
|
||||||
WOLFSSL_API int wolfSSL_check_private_key(const WOLFSSL* ssl);
|
WOLFSSL_API int wolfSSL_check_private_key(const WOLFSSL* ssl);
|
||||||
@ -5012,7 +5016,9 @@ WOLFSSL_API WOLFSSL_X509_NAME_ENTRY *wolfSSL_X509_NAME_get_entry(WOLFSSL_X509_NA
|
|||||||
|| defined(OPENSSL_EXTRA_X509_SMALL)
|
|| defined(OPENSSL_EXTRA_X509_SMALL)
|
||||||
WOLFSSL_API void wolfSSL_X509_NAME_ENTRY_free(WOLFSSL_X509_NAME_ENTRY* ne);
|
WOLFSSL_API void wolfSSL_X509_NAME_ENTRY_free(WOLFSSL_X509_NAME_ENTRY* ne);
|
||||||
WOLFSSL_API WOLFSSL_X509_NAME_ENTRY* wolfSSL_X509_NAME_ENTRY_new(void);
|
WOLFSSL_API WOLFSSL_X509_NAME_ENTRY* wolfSSL_X509_NAME_ENTRY_new(void);
|
||||||
|
#ifndef wolfSSL_X509_NAME_free
|
||||||
WOLFSSL_API void wolfSSL_X509_NAME_free(WOLFSSL_X509_NAME* name);
|
WOLFSSL_API void wolfSSL_X509_NAME_free(WOLFSSL_X509_NAME* name);
|
||||||
|
#endif
|
||||||
WOLFSSL_API int wolfSSL_CTX_use_certificate(WOLFSSL_CTX* ctx, WOLFSSL_X509* x);
|
WOLFSSL_API int wolfSSL_CTX_use_certificate(WOLFSSL_CTX* ctx, WOLFSSL_X509* x);
|
||||||
WOLFSSL_API int wolfSSL_CTX_add0_chain_cert(WOLFSSL_CTX* ctx, WOLFSSL_X509* x509);
|
WOLFSSL_API int wolfSSL_CTX_add0_chain_cert(WOLFSSL_CTX* ctx, WOLFSSL_X509* x509);
|
||||||
WOLFSSL_API int wolfSSL_CTX_add1_chain_cert(WOLFSSL_CTX* ctx, WOLFSSL_X509* x509);
|
WOLFSSL_API int wolfSSL_CTX_add1_chain_cert(WOLFSSL_CTX* ctx, WOLFSSL_X509* x509);
|
||||||
|
@ -46,6 +46,10 @@ enum wolfCrypt_ErrorCodes {
|
|||||||
/* note that WOLFSSL_FATAL_ERROR is defined as -1 in error-ssl.h, for
|
/* note that WOLFSSL_FATAL_ERROR is defined as -1 in error-ssl.h, for
|
||||||
* reasons of backward compatibility.
|
* reasons of backward compatibility.
|
||||||
*/
|
*/
|
||||||
|
WC_FAILURE = -1, /* Generic but traceable back compat errcode.
|
||||||
|
* Note, not reflected in MAX_CODE_E or
|
||||||
|
* WC_FIRST_E.
|
||||||
|
*/
|
||||||
|
|
||||||
MAX_CODE_E = -96, /* WC_FIRST_E + 1, for backward compat. */
|
MAX_CODE_E = -96, /* WC_FIRST_E + 1, for backward compat. */
|
||||||
WC_FIRST_E = -97, /* First code used for wolfCrypt */
|
WC_FIRST_E = -97, /* First code used for wolfCrypt */
|
||||||
|
@ -3736,7 +3736,8 @@ extern void uITRON4_free(void *p) ;
|
|||||||
(defined(OPENSSL_ALL) || defined(WOLFSSL_WPAS_SMALL) || \
|
(defined(OPENSSL_ALL) || defined(WOLFSSL_WPAS_SMALL) || \
|
||||||
defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \
|
defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \
|
||||||
defined(HAVE_LIGHTY) || defined(WOLFSSL_HAPROXY) || \
|
defined(HAVE_LIGHTY) || defined(WOLFSSL_HAPROXY) || \
|
||||||
defined(WOLFSSL_OPENSSH) || defined(HAVE_SBLIM_SFCB))
|
defined(WOLFSSL_OPENSSH) || defined(HAVE_SBLIM_SFCB) || \
|
||||||
|
defined(WOLFSSL_WOLFSENTRY_HOOKS))
|
||||||
#define HAVE_EX_DATA_CRYPTO
|
#define HAVE_EX_DATA_CRYPTO
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|