mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-07 06:10:48 +02:00
Merge pull request #10596 from SparkiDev/regression_fixes_24
Regression testing fixes
This commit is contained in:
+1
-1
@@ -12316,7 +12316,7 @@ AM_CONDITIONAL([BUILD_MLDSA],[test "x$ENABLED_MLDSA" != "xno" || test "x$ENABLED
|
||||
AM_CONDITIONAL([BUILD_ECCSI],[test "x$ENABLED_ECCSI" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
|
||||
AM_CONDITIONAL([BUILD_SAKKE],[test "x$ENABLED_SAKKE" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
|
||||
AM_CONDITIONAL([BUILD_MEMORY],[test "x$ENABLED_MEMORY" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
|
||||
AM_CONDITIONAL([BUILD_MEMUSE],[test "x$ENABLED_ENTROPY_MEMUSE" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
|
||||
AM_CONDITIONAL([BUILD_MEMUSE],[test "x$ENABLED_ENTROPY_MEMUSE" != "xno" || test "x$ENABLED_USERSETTINGS" = "xyes"])
|
||||
AM_CONDITIONAL([BUILD_RNG_BANK],[test "$ENABLED_RNG_BANK" = "yes" || test "$ENABLED_USERSETTINGS" = "yes"])
|
||||
AM_CONDITIONAL([BUILD_RSA],[test "x$ENABLED_RSA" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
|
||||
AM_CONDITIONAL([BUILD_DH],[test "x$ENABLED_DH" != "xno" || test "x$ENABLED_USERSETTINGS" = "xyes"])
|
||||
|
||||
@@ -7329,6 +7329,9 @@ int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
|
||||
#endif
|
||||
#else
|
||||
if (ctx->privateKey != NULL) {
|
||||
if (ssl->buffers.key != NULL) {
|
||||
FreeDer(&ssl->buffers.key);
|
||||
}
|
||||
ret = AllocCopyDer(&ssl->buffers.key, ctx->privateKey->buffer,
|
||||
ctx->privateKey->length, ctx->privateKey->type,
|
||||
ctx->privateKey->heap);
|
||||
|
||||
@@ -3294,7 +3294,8 @@ int wolfSSL_UseSupportedCurve(WOLFSSL* ssl, word16 name)
|
||||
#if defined(NO_TLS)
|
||||
return WOLFSSL_FAILURE;
|
||||
#else
|
||||
return TLSX_UseSupportedCurve(&ssl->extensions, name, ssl->heap);
|
||||
return TLSX_UseSupportedCurve(&ssl->extensions, name, ssl->heap,
|
||||
ssl->options.side);
|
||||
#endif /* NO_TLS */
|
||||
}
|
||||
|
||||
@@ -3308,7 +3309,8 @@ int wolfSSL_CTX_UseSupportedCurve(WOLFSSL_CTX* ctx, word16 name)
|
||||
#if defined(NO_TLS)
|
||||
return WOLFSSL_FAILURE;
|
||||
#else
|
||||
return TLSX_UseSupportedCurve(&ctx->extensions, name, ctx->heap);
|
||||
return TLSX_UseSupportedCurve(&ctx->extensions, name, ctx->heap,
|
||||
ctx->method->side);
|
||||
#endif /* NO_TLS */
|
||||
}
|
||||
|
||||
@@ -16068,6 +16070,9 @@ WOLFSSL_CTX* wolfSSL_set_SSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx)
|
||||
#endif
|
||||
#else
|
||||
if (ctx->privateKey != NULL) {
|
||||
if (ssl->buffers.key != NULL && ssl->buffers.weOwnKey) {
|
||||
FreeDer(&ssl->buffers.key);
|
||||
}
|
||||
ret = AllocCopyDer(&ssl->buffers.key, ctx->privateKey->buffer,
|
||||
ctx->privateKey->length, ctx->privateKey->type,
|
||||
ctx->privateKey->heap);
|
||||
|
||||
+12
-9
@@ -3760,8 +3760,6 @@ int wolfSSL_ASN1_GENERALIZEDTIME_print(WOLFSSL_BIO* bio,
|
||||
* ASN1_TIME APIs
|
||||
******************************************************************************/
|
||||
|
||||
#ifndef NO_ASN_TIME
|
||||
|
||||
#ifdef OPENSSL_EXTRA
|
||||
/* Allocate a new ASN.1 TIME object.
|
||||
*
|
||||
@@ -3811,6 +3809,7 @@ WOLFSSL_ASN1_TIME *wolfSSL_ASN1_TIME_set(WOLFSSL_ASN1_TIME *a, time_t t)
|
||||
}
|
||||
#endif /* !NO_WOLFSSL_STUB */
|
||||
|
||||
#ifndef NO_ASN_TIME
|
||||
/* Convert time to Unix time (GMT).
|
||||
*
|
||||
* @param [in] sec Second in minute. 0-59.
|
||||
@@ -4005,6 +4004,7 @@ WOLFSSL_ASN1_TIME* wolfSSL_ASN1_TIME_adj(WOLFSSL_ASN1_TIME* a, time_t t,
|
||||
return ret;
|
||||
}
|
||||
#endif /* !USER_TIME && !TIME_OVERRIDES */
|
||||
#endif /* !NO_ASN_TIME */
|
||||
|
||||
/* Get the length of the ASN.1 TIME data.
|
||||
*
|
||||
@@ -4048,6 +4048,7 @@ unsigned char* wolfSSL_ASN1_TIME_get_data(const WOLFSSL_ASN1_TIME *t)
|
||||
return data;
|
||||
}
|
||||
|
||||
#ifndef NO_ASN_TIME
|
||||
/* Check format of string in ASN.1 TIME object.
|
||||
*
|
||||
* @param [in] a ASN.1 TIME object.
|
||||
@@ -4069,6 +4070,7 @@ int wolfSSL_ASN1_TIME_check(const WOLFSSL_ASN1_TIME* a)
|
||||
|
||||
return ret;
|
||||
}
|
||||
#endif /* !NO_ASN_TIME */
|
||||
|
||||
/* Set the time as a string into ASN.1 TIME object.
|
||||
*
|
||||
@@ -4112,6 +4114,7 @@ int wolfSSL_ASN1_TIME_set_string(WOLFSSL_ASN1_TIME *t, const char *str)
|
||||
return ret;
|
||||
}
|
||||
|
||||
#ifndef NO_ASN_TIME
|
||||
int wolfSSL_ASN1_TIME_set_string_X509(WOLFSSL_ASN1_TIME *t, const char *str)
|
||||
{
|
||||
int ret = WOLFSSL_SUCCESS;
|
||||
@@ -4126,6 +4129,7 @@ int wolfSSL_ASN1_TIME_set_string_X509(WOLFSSL_ASN1_TIME *t, const char *str)
|
||||
ret = wolfSSL_ASN1_TIME_check(t);
|
||||
return ret;
|
||||
}
|
||||
#endif /* !NO_ASN_TIME */
|
||||
|
||||
/* Convert ASN.1 TIME object to ASN.1 GENERALIZED TIME object.
|
||||
*
|
||||
@@ -4199,7 +4203,7 @@ WOLFSSL_ASN1_TIME* wolfSSL_ASN1_TIME_to_generalizedtime(WOLFSSL_ASN1_TIME *t,
|
||||
return ret;
|
||||
}
|
||||
|
||||
#if !defined(USER_TIME) && !defined(TIME_OVERRIDES)
|
||||
#if !defined(NO_ASN_TIME) && !defined(USER_TIME) && !defined(TIME_OVERRIDES)
|
||||
WOLFSSL_ASN1_TIME* wolfSSL_ASN1_UTCTIME_set(WOLFSSL_ASN1_TIME *s, time_t t)
|
||||
{
|
||||
WOLFSSL_ASN1_TIME* ret = s;
|
||||
@@ -4228,7 +4232,8 @@ WOLFSSL_ASN1_TIME* wolfSSL_ASN1_UTCTIME_set(WOLFSSL_ASN1_TIME *s, time_t t)
|
||||
#endif /* !USER_TIME && !TIME_OVERRIDES */
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
|
||||
#if defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(OPENSSL_EXTRA)
|
||||
#if !defined(NO_ASN_TIME) && \
|
||||
(defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(OPENSSL_EXTRA))
|
||||
/* Get string from ASN.1 TIME object.
|
||||
*
|
||||
* Not an OpenSSL compatibility API.
|
||||
@@ -4607,9 +4612,9 @@ int wolfSSL_ASN1_TIME_print(WOLFSSL_BIO* bio, const WOLFSSL_ASN1_TIME* asnTime)
|
||||
}
|
||||
#endif /* !NO_BIO */
|
||||
|
||||
#endif /* WOLFSSL_MYSQL_COMPATIBLE || OPENSSL_EXTRA */
|
||||
#endif /* !NO_ASN_TIME && (WOLFSSL_MYSQL_COMPATIBLE || OPENSSL_EXTRA) */
|
||||
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if !defined(NO_ASN_TIME) && defined(OPENSSL_EXTRA)
|
||||
|
||||
#ifndef NO_BIO
|
||||
/* Print the ASN.1 UTC TIME object as a string to BIO.
|
||||
@@ -4647,9 +4652,7 @@ int wolfSSL_ASN1_UTCTIME_print(WOLFSSL_BIO* bio, const WOLFSSL_ASN1_UTCTIME* a)
|
||||
}
|
||||
#endif /* !NO_BIO */
|
||||
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
|
||||
#endif /* !NO_ASN_TIME */
|
||||
#endif /* !NO_ASN_TIME && OPENSSL_EXTRA */
|
||||
|
||||
/*******************************************************************************
|
||||
* ASN1_TYPE APIs
|
||||
|
||||
@@ -4584,16 +4584,72 @@ int TLSX_UseCertificateStatusRequestV2(TLSX** extensions, byte status_type,
|
||||
|
||||
#endif /* HAVE_CERTIFICATE_STATUS_REQUEST_V2 */
|
||||
|
||||
/* ML-KEM client support requires generating a key pair (encapsulation key) and
|
||||
* decapsulating the server's ciphertext. */
|
||||
#if defined(WOLFSSL_HAVE_MLKEM) && !defined(WOLFSSL_MLKEM_NO_MAKE_KEY) && \
|
||||
!defined(WOLFSSL_MLKEM_NO_DECAPSULATE)
|
||||
#define WOLFSSL_HAVE_MLKEM_CLIENT_SUPPORT
|
||||
#endif
|
||||
/* ML-KEM server support requires encapsulating to the client's key. */
|
||||
#if defined(WOLFSSL_HAVE_MLKEM) && !defined(WOLFSSL_MLKEM_NO_ENCAPSULATE)
|
||||
#define WOLFSSL_HAVE_MLKEM_SERVER_SUPPORT
|
||||
#endif
|
||||
|
||||
#if defined(HAVE_SUPPORTED_CURVES) || \
|
||||
(defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES))
|
||||
|
||||
#ifdef WOLFSSL_HAVE_MLKEM
|
||||
/* Returns whether ML-KEM groups are supported for the given side.
|
||||
*
|
||||
* ML-KEM groups require side specific crypto support. The client needs to
|
||||
* generate a key and decapsulate, while the server needs to encapsulate.
|
||||
*
|
||||
* side The side of the connection the check is for: WOLFSSL_CLIENT_END,
|
||||
* WOLFSSL_SERVER_END or WOLFSSL_NEITHER_END when the side is not known.
|
||||
* returns 1 when supported or 0 otherwise.
|
||||
*/
|
||||
static int TLSX_IsMlKemGroupSupported(int side)
|
||||
{
|
||||
if (side == WOLFSSL_CLIENT_END) {
|
||||
#ifdef WOLFSSL_HAVE_MLKEM_CLIENT_SUPPORT
|
||||
return 1;
|
||||
#else
|
||||
return 0;
|
||||
#endif
|
||||
}
|
||||
else if (side == WOLFSSL_SERVER_END) {
|
||||
#ifdef WOLFSSL_HAVE_MLKEM_SERVER_SUPPORT
|
||||
return 1;
|
||||
#else
|
||||
return 0;
|
||||
#endif
|
||||
}
|
||||
else {
|
||||
/* Side not known - supported if either side has the crypto support. */
|
||||
#if defined(WOLFSSL_HAVE_MLKEM_CLIENT_SUPPORT) || \
|
||||
defined(WOLFSSL_HAVE_MLKEM_SERVER_SUPPORT)
|
||||
return 1;
|
||||
#else
|
||||
return 0;
|
||||
#endif
|
||||
}
|
||||
}
|
||||
#endif /* WOLFSSL_HAVE_MLKEM */
|
||||
|
||||
/* Returns whether this group is supported.
|
||||
*
|
||||
* namedGroup The named group to check.
|
||||
* side The side of the connection the check is for: WOLFSSL_CLIENT_END,
|
||||
* WOLFSSL_SERVER_END or WOLFSSL_NEITHER_END when the side is not
|
||||
* known. Used to determine whether the local side has the crypto
|
||||
* support required to use the group (e.g. ML-KEM requires
|
||||
* decapsulation on the client and encapsulation on the server).
|
||||
* returns 1 when supported or 0 otherwise.
|
||||
*/
|
||||
int TLSX_IsGroupSupported(int namedGroup)
|
||||
int TLSX_IsGroupSupported(int namedGroup, int side)
|
||||
{
|
||||
(void)side;
|
||||
|
||||
switch (namedGroup) {
|
||||
#ifdef HAVE_FFDHE_2048
|
||||
case WOLFSSL_FFDHE_2048:
|
||||
@@ -4705,14 +4761,14 @@ int TLSX_IsGroupSupported(int namedGroup)
|
||||
#ifndef WOLFSSL_NO_ML_KEM_512
|
||||
#ifndef WOLFSSL_TLS_NO_MLKEM_STANDALONE
|
||||
case WOLFSSL_ML_KEM_512:
|
||||
break;
|
||||
return TLSX_IsMlKemGroupSupported(side);
|
||||
#endif /* !WOLFSSL_TLS_NO_MLKEM_STANDALONE */
|
||||
#ifdef WOLFSSL_EXTRA_PQC_HYBRIDS
|
||||
case WOLFSSL_SECP256R1MLKEM512:
|
||||
#if defined(HAVE_CURVE25519) && ECC_MIN_KEY_SZ <= 256
|
||||
case WOLFSSL_X25519MLKEM512:
|
||||
#endif /* HAVE_CURVE25519 */
|
||||
break;
|
||||
return TLSX_IsMlKemGroupSupported(side);
|
||||
#endif /* WOLFSSL_EXTRA_PQC_HYBRIDS */
|
||||
#endif /* WOLFSSL_NO_ML_KEM_512 */
|
||||
#ifndef WOLFSSL_NO_ML_KEM_768
|
||||
@@ -4731,7 +4787,7 @@ int TLSX_IsGroupSupported(int namedGroup)
|
||||
case WOLFSSL_X448MLKEM768:
|
||||
#endif /* HAVE_CURVE448 */
|
||||
#endif /* WOLFSSL_EXTRA_PQC_HYBRIDS */
|
||||
break;
|
||||
return TLSX_IsMlKemGroupSupported(side);
|
||||
#endif /* WOLFSSL_NO_ML_KEM_768 */
|
||||
#ifndef WOLFSSL_NO_ML_KEM_1024
|
||||
#ifndef WOLFSSL_TLS_NO_MLKEM_STANDALONE
|
||||
@@ -4743,14 +4799,14 @@ int TLSX_IsGroupSupported(int namedGroup)
|
||||
#ifdef WOLFSSL_EXTRA_PQC_HYBRIDS
|
||||
case WOLFSSL_SECP521R1MLKEM1024:
|
||||
#endif /* WOLFSSL_EXTRA_PQC_HYBRIDS */
|
||||
break;
|
||||
return TLSX_IsMlKemGroupSupported(side);
|
||||
#endif
|
||||
#if defined(WOLFSSL_ML_KEM_USE_OLD_IDS) && \
|
||||
defined (WOLFSSL_EXTRA_PQC_HYBRIDS)
|
||||
case WOLFSSL_P256_ML_KEM_512_OLD:
|
||||
case WOLFSSL_P384_ML_KEM_768_OLD:
|
||||
case WOLFSSL_P521_ML_KEM_1024_OLD:
|
||||
break;
|
||||
return TLSX_IsMlKemGroupSupported(side);
|
||||
#endif /* WOLFSSL_ML_KEM_USE_OLD_IDS && WOLFSSL_EXTRA_PQC_HYBRIDS */
|
||||
#endif /* WOLFSSL_NO_ML_KEM */
|
||||
#ifdef WOLFSSL_MLKEM_KYBER
|
||||
@@ -4776,7 +4832,7 @@ int TLSX_IsGroupSupported(int namedGroup)
|
||||
case WOLFSSL_KYBER_LEVEL5:
|
||||
case WOLFSSL_P521_KYBER_LEVEL5:
|
||||
#endif
|
||||
break;
|
||||
return TLSX_IsMlKemGroupSupported(side);
|
||||
#endif
|
||||
#endif /* WOLFSSL_HAVE_MLKEM */
|
||||
default:
|
||||
@@ -5144,7 +5200,8 @@ int TLSX_SupportedCurve_Parse(const WOLFSSL* ssl, const byte* input,
|
||||
for (; offset < length; offset += OPAQUE16_LEN) {
|
||||
ato16(input + offset, &name);
|
||||
|
||||
ret = TLSX_UseSupportedCurve(extensions, name, ssl->heap);
|
||||
ret = TLSX_UseSupportedCurve(extensions, name, ssl->heap,
|
||||
ssl->options.side);
|
||||
/* If it is BAD_FUNC_ARG then it is a group we do not support, but
|
||||
* that is fine. */
|
||||
if (ret != WOLFSSL_SUCCESS &&
|
||||
@@ -5533,7 +5590,8 @@ int TLSX_SupportedCurve_Preferred(WOLFSSL* ssl, int checkSupported)
|
||||
|
||||
curve = (SupportedCurve*)extension->data;
|
||||
while (curve != NULL) {
|
||||
if (!checkSupported || TLSX_IsGroupSupported(curve->name))
|
||||
if (!checkSupported ||
|
||||
TLSX_IsGroupSupported(curve->name, ssl->options.side))
|
||||
return curve->name;
|
||||
curve = curve->next;
|
||||
}
|
||||
@@ -5936,7 +5994,10 @@ int TLSX_SupportedCurve_Copy(TLSX* src, TLSX** dst, void* heap)
|
||||
SupportedCurve* curve;
|
||||
for (curve = (SupportedCurve*)extension->data; curve != NULL;
|
||||
curve = curve->next) {
|
||||
ret = TLSX_UseSupportedCurve(dst, curve->name, heap);
|
||||
/* Copying an already validated list - don't drop a group based on
|
||||
* the side, so accept when either side has the crypto support. */
|
||||
ret = TLSX_UseSupportedCurve(dst, curve->name, heap,
|
||||
WOLFSSL_NEITHER_END);
|
||||
if (ret != WOLFSSL_SUCCESS)
|
||||
return MEMORY_E;
|
||||
}
|
||||
@@ -5945,7 +6006,7 @@ int TLSX_SupportedCurve_Copy(TLSX* src, TLSX** dst, void* heap)
|
||||
return 0;
|
||||
}
|
||||
|
||||
int TLSX_UseSupportedCurve(TLSX** extensions, word16 name, void* heap)
|
||||
int TLSX_UseSupportedCurve(TLSX** extensions, word16 name, void* heap, int side)
|
||||
{
|
||||
TLSX* extension = NULL;
|
||||
SupportedCurve* curve = NULL;
|
||||
@@ -5955,7 +6016,7 @@ int TLSX_UseSupportedCurve(TLSX** extensions, word16 name, void* heap)
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
if (! TLSX_IsGroupSupported(name)) {
|
||||
if (!TLSX_IsGroupSupported(name, side)) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
@@ -7936,7 +7997,8 @@ static int TLSX_SetSignatureAlgorithmsCert(TLSX** extensions,
|
||||
/******************************************************************************/
|
||||
|
||||
#ifndef MAX_KEYSHARE_NAMED_GROUPS
|
||||
#if defined(WOLFSSL_HAVE_MLKEM) && !defined(WOLFSSL_MLKEM_NO_MAKE_KEY)
|
||||
#if defined(WOLFSSL_HAVE_MLKEM) && !defined(WOLFSSL_MLKEM_NO_MAKE_KEY) && \
|
||||
!defined(WOLFSSL_MLKEM_NO_DECAPSULATE)
|
||||
#define MAX_KEYSHARE_NAMED_GROUPS 24
|
||||
#else
|
||||
#define MAX_KEYSHARE_NAMED_GROUPS 12
|
||||
@@ -8595,7 +8657,8 @@ static int TLSX_KeyShare_GenEccKey(WOLFSSL *ssl, KeyShareEntry* kse)
|
||||
"WOLFSSL_TLSX_PQC_MLKEM_STORE_OBJ"
|
||||
#endif
|
||||
|
||||
#if !defined(WOLFSSL_MLKEM_NO_MAKE_KEY) || \
|
||||
#if (!defined(WOLFSSL_MLKEM_NO_MAKE_KEY) && \
|
||||
!defined(WOLFSSL_MLKEM_NO_DECAPSULATE)) || \
|
||||
!defined(WOLFSSL_MLKEM_NO_ENCAPSULATE) || \
|
||||
(!defined(WOLFSSL_MLKEM_NO_DECAPSULATE) && \
|
||||
!defined(WOLFSSL_TLSX_PQC_MLKEM_STORE_OBJ))
|
||||
@@ -8732,7 +8795,8 @@ static void findEccPqc(int *ecc, int *pqc, int *pqc_first, int group)
|
||||
}
|
||||
}
|
||||
|
||||
#ifndef WOLFSSL_MLKEM_NO_MAKE_KEY
|
||||
#if !defined(WOLFSSL_MLKEM_NO_MAKE_KEY) && \
|
||||
!defined(WOLFSSL_MLKEM_NO_DECAPSULATE)
|
||||
/* Create a key share entry using pqc parameters group on the client side.
|
||||
* Generates a key pair.
|
||||
*
|
||||
@@ -9052,7 +9116,7 @@ static int TLSX_KeyShare_GenPqcHybridKeyClient(WOLFSSL *ssl, KeyShareEntry* kse)
|
||||
|
||||
return ret;
|
||||
}
|
||||
#endif /* !WOLFSSL_MLKEM_NO_MAKE_KEY */
|
||||
#endif /* !WOLFSSL_MLKEM_NO_MAKE_KEY && !WOLFSSL_MLKEM_NO_DECAPSULATE */
|
||||
#endif /* WOLFSSL_HAVE_MLKEM */
|
||||
|
||||
/* Generate a secret/key using the key share entry.
|
||||
@@ -9070,7 +9134,8 @@ int TLSX_KeyShare_GenKey(WOLFSSL *ssl, KeyShareEntry *kse)
|
||||
ret = TLSX_KeyShare_GenX25519Key(ssl, kse);
|
||||
else if (kse->group == WOLFSSL_ECC_X448)
|
||||
ret = TLSX_KeyShare_GenX448Key(ssl, kse);
|
||||
#if defined(WOLFSSL_HAVE_MLKEM) && !defined(WOLFSSL_MLKEM_NO_MAKE_KEY)
|
||||
#if defined(WOLFSSL_HAVE_MLKEM) && !defined(WOLFSSL_MLKEM_NO_MAKE_KEY) && \
|
||||
!defined(WOLFSSL_MLKEM_NO_DECAPSULATE)
|
||||
else if (WOLFSSL_NAMED_GROUP_IS_PQC(kse->group))
|
||||
ret = TLSX_KeyShare_GenPqcKeyClient(ssl, kse);
|
||||
else if (WOLFSSL_NAMED_GROUP_IS_PQC_HYBRID(kse->group))
|
||||
@@ -11394,18 +11459,18 @@ static const word16 preferredGroup[] = {
|
||||
* directly into an assignment, so wrap non-trivial expressions in parentheses.
|
||||
*/
|
||||
#ifndef WOLFSSL_KEY_SHARE_DEFAULT_GROUP
|
||||
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_HAVE_MLKEM) && \
|
||||
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_HAVE_MLKEM_CLIENT_SUPPORT) && \
|
||||
!defined(WOLFSSL_NO_ML_KEM) && defined(WOLFSSL_PQC_HYBRIDS) && \
|
||||
!defined(WOLFSSL_NO_ML_KEM_768) && defined(HAVE_CURVE25519) && \
|
||||
ECC_MIN_KEY_SZ <= 256
|
||||
#define WOLFSSL_KEY_SHARE_DEFAULT_GROUP WOLFSSL_X25519MLKEM768
|
||||
#elif defined(WOLFSSL_TLS13) && defined(WOLFSSL_HAVE_MLKEM) && \
|
||||
#elif defined(WOLFSSL_TLS13) && defined(WOLFSSL_HAVE_MLKEM_CLIENT_SUPPORT) && \
|
||||
!defined(WOLFSSL_NO_ML_KEM) && defined(WOLFSSL_PQC_HYBRIDS) && \
|
||||
!defined(WOLFSSL_NO_ML_KEM_768) && defined(HAVE_ECC) && \
|
||||
(!defined(NO_ECC256) || defined(HAVE_ALL_CURVES)) && \
|
||||
ECC_MIN_KEY_SZ <= 256
|
||||
#define WOLFSSL_KEY_SHARE_DEFAULT_GROUP WOLFSSL_SECP256R1MLKEM768
|
||||
#elif defined(WOLFSSL_TLS13) && defined(WOLFSSL_HAVE_MLKEM) && \
|
||||
#elif defined(WOLFSSL_TLS13) && defined(WOLFSSL_HAVE_MLKEM_CLIENT_SUPPORT) && \
|
||||
!defined(WOLFSSL_NO_ML_KEM) && defined(WOLFSSL_PQC_HYBRIDS) && \
|
||||
!defined(WOLFSSL_NO_ML_KEM_1024) && defined(HAVE_ECC) && \
|
||||
(defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)) && \
|
||||
@@ -11499,7 +11564,7 @@ int TLSX_KeyShare_SetSupported(const WOLFSSL* ssl, TLSX** extensions)
|
||||
for (; curve != NULL; curve = curve->next) {
|
||||
/* Use server's preference order. Common group was found but key share
|
||||
* was missing */
|
||||
if (!TLSX_IsGroupSupported(curve->name))
|
||||
if (!TLSX_IsGroupSupported(curve->name, ssl->options.side))
|
||||
continue;
|
||||
if (wolfSSL_curve_is_disabled(ssl, curve->name))
|
||||
continue;
|
||||
@@ -11778,7 +11843,7 @@ int TLSX_KeyShare_Choose(const WOLFSSL *ssl, TLSX* extensions,
|
||||
if (wolfSSL_curve_is_disabled(ssl, clientKSE->group))
|
||||
continue;
|
||||
}
|
||||
if (!TLSX_IsGroupSupported(clientKSE->group))
|
||||
if (!TLSX_IsGroupSupported(clientKSE->group, ssl->options.side))
|
||||
continue;
|
||||
|
||||
rank = TLSX_KeyShare_GroupRank(ssl, clientKSE->group);
|
||||
@@ -15602,14 +15667,15 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions)
|
||||
#if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
|
||||
if (ssl->options.resuming && ssl->session->namedGroup != 0) {
|
||||
return TLSX_UseSupportedCurve(extensions, ssl->session->namedGroup,
|
||||
ssl->heap);
|
||||
ssl->heap, ssl->options.side);
|
||||
}
|
||||
#endif
|
||||
|
||||
if (ssl->numGroups != 0) {
|
||||
int i;
|
||||
for (i = 0; i < ssl->numGroups; i++) {
|
||||
ret = TLSX_UseSupportedCurve(extensions, ssl->group[i], ssl->heap);
|
||||
ret = TLSX_UseSupportedCurve(extensions, ssl->group[i], ssl->heap,
|
||||
ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS)
|
||||
return ret;
|
||||
}
|
||||
@@ -15617,39 +15683,41 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions)
|
||||
}
|
||||
#endif /* WOLFSSL_TLS13 */
|
||||
|
||||
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_HAVE_MLKEM) && \
|
||||
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_HAVE_MLKEM_CLIENT_SUPPORT) && \
|
||||
!defined(WOLFSSL_NO_ML_KEM) && defined(WOLFSSL_PQC_HYBRIDS)
|
||||
/* Prefer non-experimental PQ/T hybrid groups (only for TLS 1.3) */
|
||||
if (IsAtLeastTLSv1_3(ssl->version)) {
|
||||
if (IsAtLeastTLSv1_3(ssl->version) &&
|
||||
TLSX_IsMlKemGroupSupported(ssl->options.side)) {
|
||||
#if !defined(WOLFSSL_NO_ML_KEM_768) && defined(HAVE_CURVE25519) && \
|
||||
ECC_MIN_KEY_SZ <= 256
|
||||
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_X25519MLKEM768,
|
||||
ssl->heap);
|
||||
ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS) return ret;
|
||||
#endif
|
||||
#if !defined(WOLFSSL_NO_ML_KEM_1024) && defined(HAVE_ECC) && \
|
||||
(defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)) && \
|
||||
ECC_MIN_KEY_SZ <= 384
|
||||
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_SECP384R1MLKEM1024,
|
||||
ssl->heap);
|
||||
ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS) return ret;
|
||||
#endif
|
||||
#if !defined(WOLFSSL_NO_ML_KEM_768) && defined(HAVE_ECC) && \
|
||||
(!defined(NO_ECC256) || defined(HAVE_ALL_CURVES)) && \
|
||||
ECC_MIN_KEY_SZ <= 256
|
||||
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_SECP256R1MLKEM768,
|
||||
ssl->heap);
|
||||
ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS) return ret;
|
||||
#endif
|
||||
}
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_HAVE_MLKEM) && \
|
||||
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_HAVE_MLKEM_CLIENT_SUPPORT) && \
|
||||
!defined(WOLFSSL_NO_ML_KEM) && !defined(WOLFSSL_NO_ML_KEM_1024) && \
|
||||
!defined(WOLFSSL_TLS_NO_MLKEM_STANDALONE)
|
||||
if (IsAtLeastTLSv1_3(ssl->version)) {
|
||||
if (IsAtLeastTLSv1_3(ssl->version) &&
|
||||
TLSX_IsMlKemGroupSupported(ssl->options.side)) {
|
||||
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_ML_KEM_1024,
|
||||
ssl->heap);
|
||||
ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS) return ret;
|
||||
}
|
||||
#endif
|
||||
@@ -15658,8 +15726,8 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions)
|
||||
/* list in order by strength, since not all servers choose by strength */
|
||||
#if (defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 521
|
||||
#ifndef NO_ECC_SECP
|
||||
ret = TLSX_UseSupportedCurve(extensions,
|
||||
WOLFSSL_ECC_SECP521R1, ssl->heap);
|
||||
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_ECC_SECP521R1,
|
||||
ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS) return ret;
|
||||
#endif
|
||||
#endif
|
||||
@@ -15668,7 +15736,7 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions)
|
||||
if (IsAtLeastTLSv1_3(ssl->version)) {
|
||||
/* TLS 1.3 BrainpoolP512 curve */
|
||||
ret = TLSX_UseSupportedCurve(extensions,
|
||||
WOLFSSL_ECC_BRAINPOOLP512R1TLS13, ssl->heap);
|
||||
WOLFSSL_ECC_BRAINPOOLP512R1TLS13, ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS) return ret;
|
||||
|
||||
/* If TLS 1.2 is allowed, also add the TLS 1.2 curve */
|
||||
@@ -15676,14 +15744,14 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions)
|
||||
(ssl->options.minDowngrade <= TLSv1_2_MINOR ||
|
||||
ssl->options.minDowngrade <= DTLSv1_2_MINOR)) {
|
||||
ret = TLSX_UseSupportedCurve(extensions,
|
||||
WOLFSSL_ECC_BRAINPOOLP512R1, ssl->heap);
|
||||
WOLFSSL_ECC_BRAINPOOLP512R1, ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS) return ret;
|
||||
}
|
||||
}
|
||||
else {
|
||||
/* TLS 1.2 only */
|
||||
ret = TLSX_UseSupportedCurve(extensions,
|
||||
WOLFSSL_ECC_BRAINPOOLP512R1, ssl->heap);
|
||||
WOLFSSL_ECC_BRAINPOOLP512R1, ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS) return ret;
|
||||
}
|
||||
#endif
|
||||
@@ -15693,9 +15761,10 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions)
|
||||
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_HAVE_MLKEM) && \
|
||||
!defined(WOLFSSL_NO_ML_KEM) && !defined(WOLFSSL_NO_ML_KEM_768) && \
|
||||
!defined(WOLFSSL_TLS_NO_MLKEM_STANDALONE)
|
||||
if (IsAtLeastTLSv1_3(ssl->version)) {
|
||||
if (IsAtLeastTLSv1_3(ssl->version) &&
|
||||
TLSX_IsMlKemGroupSupported(ssl->options.side)) {
|
||||
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_ML_KEM_768,
|
||||
ssl->heap);
|
||||
ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS) return ret;
|
||||
}
|
||||
#endif
|
||||
@@ -15703,15 +15772,15 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions)
|
||||
#if defined(HAVE_ECC)
|
||||
#if (defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 384
|
||||
#ifndef NO_ECC_SECP
|
||||
ret = TLSX_UseSupportedCurve(extensions,
|
||||
WOLFSSL_ECC_SECP384R1, ssl->heap);
|
||||
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_ECC_SECP384R1,
|
||||
ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS) return ret;
|
||||
#endif
|
||||
#ifdef HAVE_ECC_BRAINPOOL
|
||||
if (IsAtLeastTLSv1_3(ssl->version)) {
|
||||
/* TLS 1.3 BrainpoolP384 curve */
|
||||
ret = TLSX_UseSupportedCurve(extensions,
|
||||
WOLFSSL_ECC_BRAINPOOLP384R1TLS13, ssl->heap);
|
||||
WOLFSSL_ECC_BRAINPOOLP384R1TLS13, ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS) return ret;
|
||||
|
||||
/* If TLS 1.2 is allowed, also add the TLS 1.2 curve */
|
||||
@@ -15719,14 +15788,14 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions)
|
||||
(ssl->options.minDowngrade <= TLSv1_2_MINOR ||
|
||||
ssl->options.minDowngrade <= DTLSv1_2_MINOR)) {
|
||||
ret = TLSX_UseSupportedCurve(extensions,
|
||||
WOLFSSL_ECC_BRAINPOOLP384R1, ssl->heap);
|
||||
WOLFSSL_ECC_BRAINPOOLP384R1, ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS) return ret;
|
||||
}
|
||||
}
|
||||
else {
|
||||
/* TLS 1.2 only */
|
||||
ret = TLSX_UseSupportedCurve(extensions,
|
||||
WOLFSSL_ECC_BRAINPOOLP384R1, ssl->heap);
|
||||
WOLFSSL_ECC_BRAINPOOLP384R1, ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS) return ret;
|
||||
}
|
||||
#endif
|
||||
@@ -15735,8 +15804,8 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions)
|
||||
|
||||
#ifndef HAVE_FIPS
|
||||
#if defined(HAVE_CURVE448) && ECC_MIN_KEY_SZ <= 448
|
||||
ret = TLSX_UseSupportedCurve(extensions,
|
||||
WOLFSSL_ECC_X448, ssl->heap);
|
||||
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_ECC_X448, ssl->heap,
|
||||
ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS) return ret;
|
||||
#endif
|
||||
#endif /* HAVE_FIPS */
|
||||
@@ -15744,9 +15813,10 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions)
|
||||
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_HAVE_MLKEM) && \
|
||||
!defined(WOLFSSL_NO_ML_KEM) && !defined(WOLFSSL_NO_ML_KEM_512) && \
|
||||
!defined(WOLFSSL_TLS_NO_MLKEM_STANDALONE)
|
||||
if (IsAtLeastTLSv1_3(ssl->version)) {
|
||||
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_ML_KEM_512,
|
||||
ssl->heap);
|
||||
if (IsAtLeastTLSv1_3(ssl->version) &&
|
||||
TLSX_IsMlKemGroupSupported(ssl->options.side)) {
|
||||
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_ML_KEM_512, ssl->heap,
|
||||
ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS) return ret;
|
||||
}
|
||||
#endif
|
||||
@@ -15754,20 +15824,20 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions)
|
||||
#if defined(HAVE_ECC) && defined(HAVE_SUPPORTED_CURVES)
|
||||
#if (!defined(NO_ECC256) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 256
|
||||
#ifndef NO_ECC_SECP
|
||||
ret = TLSX_UseSupportedCurve(extensions,
|
||||
WOLFSSL_ECC_SECP256R1, ssl->heap);
|
||||
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_ECC_SECP256R1,
|
||||
ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS) return ret;
|
||||
#endif
|
||||
#ifdef HAVE_ECC_KOBLITZ
|
||||
ret = TLSX_UseSupportedCurve(extensions,
|
||||
WOLFSSL_ECC_SECP256K1, ssl->heap);
|
||||
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_ECC_SECP256K1,
|
||||
ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS) return ret;
|
||||
#endif
|
||||
#ifdef HAVE_ECC_BRAINPOOL
|
||||
if (IsAtLeastTLSv1_3(ssl->version)) {
|
||||
/* TLS 1.3 BrainpoolP256 curve */
|
||||
ret = TLSX_UseSupportedCurve(extensions,
|
||||
WOLFSSL_ECC_BRAINPOOLP256R1TLS13, ssl->heap);
|
||||
WOLFSSL_ECC_BRAINPOOLP256R1TLS13, ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS) return ret;
|
||||
|
||||
/* If TLS 1.2 is allowed, also add the TLS 1.2 curve */
|
||||
@@ -15775,20 +15845,20 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions)
|
||||
(ssl->options.minDowngrade <= TLSv1_2_MINOR ||
|
||||
ssl->options.minDowngrade <= DTLSv1_2_MINOR)) {
|
||||
ret = TLSX_UseSupportedCurve(extensions,
|
||||
WOLFSSL_ECC_BRAINPOOLP256R1, ssl->heap);
|
||||
WOLFSSL_ECC_BRAINPOOLP256R1, ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS) return ret;
|
||||
}
|
||||
}
|
||||
else {
|
||||
/* TLS 1.2 only */
|
||||
ret = TLSX_UseSupportedCurve(extensions,
|
||||
WOLFSSL_ECC_BRAINPOOLP256R1, ssl->heap);
|
||||
WOLFSSL_ECC_BRAINPOOLP256R1, ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS) return ret;
|
||||
}
|
||||
#endif
|
||||
#if !defined(HAVE_FIPS) && defined(WOLFSSL_SM2)
|
||||
ret = TLSX_UseSupportedCurve(extensions,
|
||||
WOLFSSL_ECC_SM2P256V1, ssl->heap);
|
||||
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_ECC_SM2P256V1,
|
||||
ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS) return ret;
|
||||
#endif
|
||||
#endif
|
||||
@@ -15796,8 +15866,8 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions)
|
||||
|
||||
#ifndef HAVE_FIPS
|
||||
#if defined(HAVE_CURVE25519) && ECC_MIN_KEY_SZ <= 256
|
||||
ret = TLSX_UseSupportedCurve(extensions,
|
||||
WOLFSSL_ECC_X25519, ssl->heap);
|
||||
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_ECC_X25519,
|
||||
ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS) return ret;
|
||||
#endif
|
||||
#endif /* HAVE_FIPS */
|
||||
@@ -15805,13 +15875,13 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions)
|
||||
#if defined(HAVE_ECC) && defined(HAVE_SUPPORTED_CURVES)
|
||||
#if (defined(HAVE_ECC224) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 224
|
||||
#ifndef NO_ECC_SECP
|
||||
ret = TLSX_UseSupportedCurve(extensions,
|
||||
WOLFSSL_ECC_SECP224R1, ssl->heap);
|
||||
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_ECC_SECP224R1,
|
||||
ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS) return ret;
|
||||
#endif
|
||||
#ifdef HAVE_ECC_KOBLITZ
|
||||
ret = TLSX_UseSupportedCurve(extensions,
|
||||
WOLFSSL_ECC_SECP224K1, ssl->heap);
|
||||
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_ECC_SECP224K1,
|
||||
ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS) return ret;
|
||||
#endif
|
||||
#endif
|
||||
@@ -15819,30 +15889,30 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions)
|
||||
#ifndef HAVE_FIPS
|
||||
#if (defined(HAVE_ECC192) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 192
|
||||
#ifndef NO_ECC_SECP
|
||||
ret = TLSX_UseSupportedCurve(extensions,
|
||||
WOLFSSL_ECC_SECP192R1, ssl->heap);
|
||||
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_ECC_SECP192R1,
|
||||
ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS) return ret;
|
||||
#endif
|
||||
#ifdef HAVE_ECC_KOBLITZ
|
||||
ret = TLSX_UseSupportedCurve(extensions,
|
||||
WOLFSSL_ECC_SECP192K1, ssl->heap);
|
||||
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_ECC_SECP192K1,
|
||||
ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS) return ret;
|
||||
#endif
|
||||
#endif
|
||||
#if (defined(HAVE_ECC160) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 160
|
||||
#ifndef NO_ECC_SECP
|
||||
ret = TLSX_UseSupportedCurve(extensions,
|
||||
WOLFSSL_ECC_SECP160R1, ssl->heap);
|
||||
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_ECC_SECP160R1,
|
||||
ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS) return ret;
|
||||
#endif
|
||||
#ifdef HAVE_ECC_SECPR2
|
||||
ret = TLSX_UseSupportedCurve(extensions,
|
||||
WOLFSSL_ECC_SECP160R2, ssl->heap);
|
||||
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_ECC_SECP160R2,
|
||||
ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS) return ret;
|
||||
#endif
|
||||
#ifdef HAVE_ECC_KOBLITZ
|
||||
ret = TLSX_UseSupportedCurve(extensions,
|
||||
WOLFSSL_ECC_SECP160K1, ssl->heap);
|
||||
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_ECC_SECP160K1,
|
||||
ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS) return ret;
|
||||
#endif
|
||||
#endif
|
||||
@@ -15854,8 +15924,8 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions)
|
||||
#ifdef HAVE_FFDHE_8192
|
||||
if (8192/8 >= ssl->options.minDhKeySz &&
|
||||
8192/8 <= ssl->options.maxDhKeySz) {
|
||||
ret = TLSX_UseSupportedCurve(extensions,
|
||||
WOLFSSL_FFDHE_8192, ssl->heap);
|
||||
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_FFDHE_8192,
|
||||
ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS)
|
||||
return ret;
|
||||
}
|
||||
@@ -15863,8 +15933,8 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions)
|
||||
#ifdef HAVE_FFDHE_6144
|
||||
if (6144/8 >= ssl->options.minDhKeySz &&
|
||||
6144/8 <= ssl->options.maxDhKeySz) {
|
||||
ret = TLSX_UseSupportedCurve(extensions,
|
||||
WOLFSSL_FFDHE_6144, ssl->heap);
|
||||
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_FFDHE_6144,
|
||||
ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS)
|
||||
return ret;
|
||||
}
|
||||
@@ -15872,8 +15942,8 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions)
|
||||
#ifdef HAVE_FFDHE_4096
|
||||
if (4096/8 >= ssl->options.minDhKeySz &&
|
||||
4096/8 <= ssl->options.maxDhKeySz) {
|
||||
ret = TLSX_UseSupportedCurve(extensions,
|
||||
WOLFSSL_FFDHE_4096, ssl->heap);
|
||||
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_FFDHE_4096,
|
||||
ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS)
|
||||
return ret;
|
||||
}
|
||||
@@ -15881,8 +15951,8 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions)
|
||||
#ifdef HAVE_FFDHE_3072
|
||||
if (3072/8 >= ssl->options.minDhKeySz &&
|
||||
3072/8 <= ssl->options.maxDhKeySz) {
|
||||
ret = TLSX_UseSupportedCurve(extensions,
|
||||
WOLFSSL_FFDHE_3072, ssl->heap);
|
||||
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_FFDHE_3072,
|
||||
ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS)
|
||||
return ret;
|
||||
}
|
||||
@@ -15890,8 +15960,8 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions)
|
||||
#ifdef HAVE_FFDHE_2048
|
||||
if (2048/8 >= ssl->options.minDhKeySz &&
|
||||
2048/8 <= ssl->options.maxDhKeySz) {
|
||||
ret = TLSX_UseSupportedCurve(extensions,
|
||||
WOLFSSL_FFDHE_2048, ssl->heap);
|
||||
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_FFDHE_2048,
|
||||
ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS)
|
||||
return ret;
|
||||
}
|
||||
@@ -15900,35 +15970,36 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions)
|
||||
|
||||
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_HAVE_MLKEM) && \
|
||||
!defined(WOLFSSL_NO_ML_KEM) && defined(WOLFSSL_EXTRA_PQC_HYBRIDS)
|
||||
if (IsAtLeastTLSv1_3(ssl->version)) {
|
||||
if (IsAtLeastTLSv1_3(ssl->version) &&
|
||||
TLSX_IsMlKemGroupSupported(ssl->options.side)) {
|
||||
#if !defined(WOLFSSL_NO_ML_KEM_1024) && defined(HAVE_ECC) && \
|
||||
(defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 521
|
||||
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_SECP521R1MLKEM1024,
|
||||
ssl->heap);
|
||||
ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS) return ret;
|
||||
#endif
|
||||
#if !defined(WOLFSSL_NO_ML_KEM_768) && defined(HAVE_ECC) && \
|
||||
(defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 384
|
||||
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_SECP384R1MLKEM768,
|
||||
ssl->heap);
|
||||
ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS) return ret;
|
||||
#endif
|
||||
#if !defined(WOLFSSL_NO_ML_KEM_768) && defined(HAVE_CURVE448) && \
|
||||
ECC_MIN_KEY_SZ <= 448
|
||||
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_X448MLKEM768,
|
||||
ssl->heap);
|
||||
ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS) return ret;
|
||||
#endif
|
||||
#if !defined(WOLFSSL_NO_ML_KEM_512) && defined(HAVE_ECC) && \
|
||||
(!defined(NO_ECC256) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 256
|
||||
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_SECP256R1MLKEM512,
|
||||
ssl->heap);
|
||||
ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS) return ret;
|
||||
#endif
|
||||
#if !defined(WOLFSSL_NO_ML_KEM_512) && defined(HAVE_CURVE25519) && \
|
||||
ECC_MIN_KEY_SZ <= 256
|
||||
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_X25519MLKEM512,
|
||||
ssl->heap);
|
||||
ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS) return ret;
|
||||
#endif
|
||||
}
|
||||
@@ -15936,58 +16007,59 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions)
|
||||
|
||||
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_HAVE_MLKEM) && \
|
||||
defined(WOLFSSL_MLKEM_KYBER)
|
||||
if (IsAtLeastTLSv1_3(ssl->version)) {
|
||||
if (IsAtLeastTLSv1_3(ssl->version) &&
|
||||
TLSX_IsMlKemGroupSupported(ssl->options.side)) {
|
||||
#ifdef WOLFSSL_KYBER1024
|
||||
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_KYBER_LEVEL5,
|
||||
ssl->heap);
|
||||
ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS) return ret;
|
||||
#if defined(HAVE_ECC) && (defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES)) && \
|
||||
ECC_MIN_KEY_SZ <= 521
|
||||
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_P521_KYBER_LEVEL5,
|
||||
ssl->heap);
|
||||
ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS) return ret;
|
||||
#endif
|
||||
#endif
|
||||
#ifdef WOLFSSL_KYBER768
|
||||
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_KYBER_LEVEL3,
|
||||
ssl->heap);
|
||||
ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS) return ret;
|
||||
#if defined(HAVE_ECC) && (defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)) && \
|
||||
ECC_MIN_KEY_SZ <= 384
|
||||
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_P384_KYBER_LEVEL3,
|
||||
ssl->heap);
|
||||
ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS) return ret;
|
||||
#endif
|
||||
#if defined(HAVE_ECC) && (!defined(NO_ECC256) || defined(HAVE_ALL_CURVES)) && \
|
||||
ECC_MIN_KEY_SZ <= 256
|
||||
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_P256_KYBER_LEVEL3,
|
||||
ssl->heap);
|
||||
ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS) return ret;
|
||||
#endif
|
||||
#if defined(HAVE_CURVE25519) && ECC_MIN_KEY_SZ <= 256
|
||||
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_X25519_KYBER_LEVEL3,
|
||||
ssl->heap);
|
||||
ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS) return ret;
|
||||
#endif
|
||||
#if defined(HAVE_CURVE448) && ECC_MIN_KEY_SZ <= 448
|
||||
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_X448_KYBER_LEVEL3,
|
||||
ssl->heap);
|
||||
ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS) return ret;
|
||||
#endif
|
||||
#endif
|
||||
#ifdef WOLFSSL_KYBER512
|
||||
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_KYBER_LEVEL1,
|
||||
ssl->heap);
|
||||
ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS) return ret;
|
||||
#if defined(HAVE_ECC) && (!defined(NO_ECC256) || defined(HAVE_ALL_CURVES)) && \
|
||||
ECC_MIN_KEY_SZ <= 256
|
||||
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_P256_KYBER_LEVEL1,
|
||||
ssl->heap);
|
||||
ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS) return ret;
|
||||
#endif
|
||||
#if defined(HAVE_CURVE25519) && ECC_MIN_KEY_SZ <= 256
|
||||
ret = TLSX_UseSupportedCurve(extensions, WOLFSSL_X25519_KYBER_LEVEL1,
|
||||
ssl->heap);
|
||||
ssl->heap, ssl->options.side);
|
||||
if (ret != WOLFSSL_SUCCESS) return ret;
|
||||
#endif
|
||||
#endif
|
||||
|
||||
+1
-1
@@ -14666,7 +14666,7 @@ int wolfSSL_UseKeyShare(WOLFSSL* ssl, word16 group)
|
||||
(void)group;
|
||||
#else
|
||||
/* Check if the group is supported. */
|
||||
if (!TLSX_IsGroupSupported(group)) {
|
||||
if (!TLSX_IsGroupSupported(group, ssl->options.side)) {
|
||||
WOLFSSL_MSG("Group not supported.");
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
+4
-3
@@ -23505,7 +23505,7 @@ static int test_sk_X509_CRL_decode(void)
|
||||
}
|
||||
|
||||
#if (defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA)) && !defined(NO_CERTS) && \
|
||||
defined(HAVE_CRL) && defined(WOLFSSL_CERT_GEN)
|
||||
defined(HAVE_CRL) && defined(WOLFSSL_CERT_GEN) && !defined(NO_ASN_TIME)
|
||||
/* Ensure oversized caller-provided revocationDate is rejected. */
|
||||
static int test_wolfSSL_X509_CRL_add_revoked_oversized_revocation_date(void)
|
||||
{
|
||||
@@ -33276,7 +33276,8 @@ static int test_DhAgree_rejects_p_minus_1(void)
|
||||
static int test_ed448_rejects_identity_key(void)
|
||||
{
|
||||
EXPECT_DECLS;
|
||||
#if defined(HAVE_ED448) && !defined(HAVE_SELFTEST) && \
|
||||
#if defined(HAVE_ED448) && defined(HAVE_ED448_VERIFY) && \
|
||||
defined(HAVE_ED448_KEY_IMPORT) && !defined(HAVE_SELFTEST) && \
|
||||
(!defined(HAVE_FIPS) || FIPS_VERSION_GE(7,0))
|
||||
ed448_key key;
|
||||
byte identity[ED448_PUB_KEY_SIZE];
|
||||
@@ -34534,7 +34535,7 @@ TEST_CASE testCases[] = {
|
||||
/* OpenSSL sk_X509_CRL API test */
|
||||
TEST_DECL(test_sk_X509_CRL_decode),
|
||||
#if (defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA)) && !defined(NO_CERTS) && \
|
||||
defined(HAVE_CRL) && defined(WOLFSSL_CERT_GEN)
|
||||
defined(HAVE_CRL) && defined(WOLFSSL_CERT_GEN) && !defined(NO_ASN_TIME)
|
||||
TEST_DECL(test_wolfSSL_X509_CRL_add_revoked_oversized_revocation_date),
|
||||
#endif
|
||||
#if (defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA)) && !defined(NO_CERTS) && \
|
||||
|
||||
@@ -3508,7 +3508,7 @@ int test_wolfSSL_CertManagerRejectMD5Cert(void)
|
||||
#if !defined(NO_CERTS) && !defined(NO_RSA) && !defined(NO_MD5) && \
|
||||
!defined(WOLFSSL_ALLOW_MD5_CERT_SIGS) && defined(WOLFSSL_CERT_GEN) && \
|
||||
!defined(NO_WOLFSSL_CM_VERIFY) && !defined(NO_ASN_CRYPT) && \
|
||||
!defined(USE_CERT_BUFFERS_1024)
|
||||
!defined(USE_CERT_BUFFERS_1024) && !defined(NO_ASN_TIME)
|
||||
WOLFSSL_CERT_MANAGER* cm = NULL;
|
||||
RsaKey caKey;
|
||||
WC_RNG rng;
|
||||
|
||||
@@ -811,6 +811,7 @@ int test_wc_ed25519_reject_small_order_keys(void)
|
||||
0x2a,0x20,0x53,0xfa,0x2c,0x39,0xcc,0xc6,
|
||||
0x4e,0xc7,0xfd,0x77,0x92,0xac,0x03,0xfa},
|
||||
};
|
||||
#ifndef NO_ED25519_VERIFY
|
||||
/* Forged signature: R = B (base point), S = 1.
|
||||
* With public key A = identity, S*B - h*A = B = R for any message. */
|
||||
static const byte forged_sig[ED25519_SIG_SIZE] = {
|
||||
@@ -823,6 +824,7 @@ int test_wc_ed25519_reject_small_order_keys(void)
|
||||
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
|
||||
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00
|
||||
};
|
||||
#endif
|
||||
ed25519_key key;
|
||||
word32 i;
|
||||
word32 num_keys = (word32)(sizeof(small_order_keys) / ED25519_PUB_KEY_SIZE);
|
||||
@@ -864,6 +866,7 @@ int test_wc_ed25519_reject_small_order_keys(void)
|
||||
wc_ed25519_free(&key);
|
||||
}
|
||||
|
||||
#ifndef NO_ED25519_VERIFY
|
||||
/* (3) Even a "trusted" import (which bypasses wc_ed25519_check_key)
|
||||
* must not let wc_ed25519_verify_msg accept a forged signature against
|
||||
* an identity public key. Test both the canonical encoding (y = 1,
|
||||
@@ -902,6 +905,7 @@ int test_wc_ed25519_reject_small_order_keys(void)
|
||||
wc_ed25519_free(&key);
|
||||
}
|
||||
}
|
||||
#endif
|
||||
#endif
|
||||
return EXPECT_RESULT();
|
||||
}
|
||||
|
||||
@@ -760,6 +760,7 @@ int test_wc_ed448_reject_small_order_keys(void)
|
||||
0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
|
||||
0x80},
|
||||
};
|
||||
#ifndef NO_ED448_VERIFY
|
||||
/* Arbitrary signature bytes: S = 1 (must be below the Ed448 group
|
||||
* order or wc_ed448_verify_msg() returns BAD_FUNC_ARG before the
|
||||
* small-order check has a chance to fire). The R bytes do not need
|
||||
@@ -788,6 +789,7 @@ int test_wc_ed448_reject_small_order_keys(void)
|
||||
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
|
||||
0x00
|
||||
};
|
||||
#endif
|
||||
ed448_key key;
|
||||
word32 i;
|
||||
word32 num_keys = (word32)(sizeof(small_order_keys) / ED448_PUB_KEY_SIZE);
|
||||
@@ -829,6 +831,7 @@ int test_wc_ed448_reject_small_order_keys(void)
|
||||
wc_ed448_free(&key);
|
||||
}
|
||||
|
||||
#ifndef NO_ED448_VERIFY
|
||||
/* (3) Even a "trusted" import (which bypasses wc_ed448_check_key)
|
||||
* must not let wc_ed448_verify_msg accept a forged signature against
|
||||
* an identity public key. Test both the canonical encoding (y = 1,
|
||||
@@ -866,6 +869,7 @@ int test_wc_ed448_reject_small_order_keys(void)
|
||||
wc_ed448_free(&key);
|
||||
}
|
||||
}
|
||||
#endif
|
||||
#endif
|
||||
return EXPECT_RESULT();
|
||||
}
|
||||
|
||||
@@ -2563,7 +2563,8 @@ int test_wolfSSL_EVP_PKEY_print_public(void)
|
||||
int test_wolfSSL_EVP_PKEY_ed25519(void)
|
||||
{
|
||||
EXPECT_DECLS;
|
||||
#if defined(OPENSSL_EXTRA) && defined(HAVE_ED25519)
|
||||
#if defined(OPENSSL_EXTRA) && defined(HAVE_ED25519) && \
|
||||
defined(HAVE_ED25519_KEY_IMPORT)
|
||||
WOLFSSL_EVP_PKEY* pkey = NULL;
|
||||
const unsigned char* p;
|
||||
|
||||
@@ -2623,7 +2624,8 @@ int test_wolfSSL_CTX_use_PrivateKey_ed25519(void)
|
||||
{
|
||||
EXPECT_DECLS;
|
||||
#if defined(OPENSSL_EXTRA) && defined(HAVE_ED25519) && \
|
||||
!defined(NO_WOLFSSL_SERVER) && !defined(NO_TLS)
|
||||
defined(HAVE_ED25519_KEY_IMPORT) && !defined(NO_WOLFSSL_SERVER) && \
|
||||
!defined(NO_TLS)
|
||||
WOLFSSL_CTX* ctx = NULL;
|
||||
WOLFSSL_EVP_PKEY* pkey = NULL;
|
||||
const unsigned char* p;
|
||||
@@ -2653,7 +2655,8 @@ int test_wolfSSL_CTX_use_PrivateKey_ed25519(void)
|
||||
int test_wolfSSL_EVP_PKEY_ed448(void)
|
||||
{
|
||||
EXPECT_DECLS;
|
||||
#if defined(OPENSSL_EXTRA) && defined(HAVE_ED448)
|
||||
#if defined(OPENSSL_EXTRA) && defined(HAVE_ED448) && \
|
||||
defined(HAVE_ED448_KEY_IMPORT)
|
||||
WOLFSSL_EVP_PKEY* pkey = NULL;
|
||||
const unsigned char* p;
|
||||
|
||||
|
||||
@@ -288,8 +288,8 @@ static int rfc9802_load_file(const char* path, byte** out, int* outLen)
|
||||
return EXPECT_RESULT();
|
||||
}
|
||||
|
||||
static int rfc9802_verify_one_cert(const char* path, word32 expectedKeyOID,
|
||||
word32 expectedSigOID)
|
||||
static WC_MAYBE_UNUSED int rfc9802_verify_one_cert(const char* path,
|
||||
word32 expectedKeyOID, word32 expectedSigOID)
|
||||
{
|
||||
EXPECT_DECLS;
|
||||
byte* buf = NULL;
|
||||
@@ -512,6 +512,7 @@ static int rfc9802_xmss_import_negative(void)
|
||||
wc_XmssKey_Free(&key);
|
||||
}
|
||||
|
||||
#if !defined(WOLFSSL_XMSS_MIN_HEIGHT) || (WOLFSSL_XMSS_MIN_HEIGHT <= 10)
|
||||
/* Once params have been configured (state != INITED), the OID
|
||||
* prefix in the raw key MUST match key->oid and is_xmssmt MUST
|
||||
* match key->is_xmssmt. Set XMSS-SHA2_10_256 and feed a valid-
|
||||
@@ -561,10 +562,12 @@ static int rfc9802_xmss_import_negative(void)
|
||||
ExpectIntEQ((int)key.is_xmssmt, 0);
|
||||
wc_XmssKey_Free(&key);
|
||||
|
||||
#if WOLFSSL_XMSS_MAX_HEIGHT >= 20
|
||||
ExpectIntEQ(wc_XmssKey_Init(&key, NULL, INVALID_DEVID), 0);
|
||||
ExpectIntEQ(wc_XmssKey_ImportPubRaw_ex(&key, buf, sizeof(buf), 1), 0);
|
||||
ExpectIntEQ((int)key.is_xmssmt, 1);
|
||||
wc_XmssKey_Free(&key);
|
||||
#endif
|
||||
}
|
||||
|
||||
/* Lenient state: re-importing the same pub key into a VERIFYONLY
|
||||
@@ -635,6 +638,7 @@ static int rfc9802_xmss_import_negative(void)
|
||||
WC_NO_ERR_TRACE(BAD_STATE_E));
|
||||
wc_XmssKey_Free(&key);
|
||||
}
|
||||
#endif
|
||||
|
||||
return EXPECT_RESULT();
|
||||
}
|
||||
@@ -833,8 +837,10 @@ static int rfc9802_xmss_chain_verify(void)
|
||||
ExpectNotNull(cm = wolfSSL_CertManagerNew());
|
||||
ExpectIntEQ(wolfSSL_CertManagerLoadCABuffer(cm, caBuf, (long)caLen,
|
||||
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
|
||||
#if !defined(WOLFSSL_XMSS_MIN_HEIGHT) || (WOLFSSL_XMSS_MIN_HEIGHT <= 10)
|
||||
ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, leafBuf, (long)leafLen,
|
||||
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
|
||||
#endif
|
||||
|
||||
if (cm != NULL) {
|
||||
wolfSSL_CertManagerFree(cm);
|
||||
@@ -905,24 +911,50 @@ int test_rfc9802_xmss_x509_verify(void)
|
||||
EXPECT_DECLS;
|
||||
#if defined(WOLFSSL_HAVE_XMSS)
|
||||
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
|
||||
#if (!defined(WOLFSSL_XMSS_MIN_HEIGHT) || (WOLFSSL_XMSS_MIN_HEIGHT <= 16))
|
||||
static const char* const xmssFiles[] = {
|
||||
#if (!defined(WOLFSSL_XMSS_MAX_HEIGHT) || (WOLFSSL_XMSS_MAX_HEIGHT >= 10)) && \
|
||||
(!defined(WOLFSSL_XMSS_MIN_HEIGHT) || (WOLFSSL_XMSS_MIN_HEIGHT <= 10))
|
||||
"./certs/xmss/bc_xmss_sha2_10_256_root.der",
|
||||
#endif
|
||||
#if (!defined(WOLFSSL_XMSS_MAX_HEIGHT) || (WOLFSSL_XMSS_MAX_HEIGHT >= 16)) && \
|
||||
(!defined(WOLFSSL_XMSS_MIN_HEIGHT) || (WOLFSSL_XMSS_MIN_HEIGHT <= 16))
|
||||
"./certs/xmss/bc_xmss_sha2_16_256_root.der",
|
||||
#endif
|
||||
};
|
||||
#endif
|
||||
#if (!defined(WOLFSSL_XMSS_MAX_HEIGHT) || (WOLFSSL_XMSS_MAX_HEIGHT >= 20)) && \
|
||||
(!defined(WOLFSSL_XMSS_MIN_HEIGHT) || (WOLFSSL_XMSS_MIN_HEIGHT <= 40))
|
||||
static const char* const xmssmtFiles[] = {
|
||||
#if (!defined(WOLFSSL_XMSS_MAX_HEIGHT) || (WOLFSSL_XMSS_MAX_HEIGHT >= 20)) && \
|
||||
(!defined(WOLFSSL_XMSS_MIN_HEIGHT) || (WOLFSSL_XMSS_MIN_HEIGHT <= 20))
|
||||
"./certs/xmss/bc_xmssmt_sha2_20_2_256_root.der",
|
||||
"./certs/xmss/bc_xmssmt_sha2_20_4_256_root.der",
|
||||
#endif
|
||||
#if (!defined(WOLFSSL_XMSS_MAX_HEIGHT) || (WOLFSSL_XMSS_MAX_HEIGHT >= 40)) && \
|
||||
(!defined(WOLFSSL_XMSS_MIN_HEIGHT) || (WOLFSSL_XMSS_MIN_HEIGHT <= 40))
|
||||
"./certs/xmss/bc_xmssmt_sha2_40_8_256_root.der",
|
||||
#endif
|
||||
};
|
||||
#endif
|
||||
#if (!defined(WOLFSSL_XMSS_MIN_HEIGHT) || (WOLFSSL_XMSS_MIN_HEIGHT <= 16)) || \
|
||||
((!defined(WOLFSSL_XMSS_MAX_HEIGHT) || (WOLFSSL_XMSS_MAX_HEIGHT >= 20)) && \
|
||||
(!defined(WOLFSSL_XMSS_MIN_HEIGHT) || (WOLFSSL_XMSS_MIN_HEIGHT <= 40)))
|
||||
size_t i;
|
||||
#endif
|
||||
#if (!defined(WOLFSSL_XMSS_MIN_HEIGHT) || (WOLFSSL_XMSS_MIN_HEIGHT <= 16))
|
||||
for (i = 0; i < sizeof(xmssFiles) / sizeof(xmssFiles[0]); i++) {
|
||||
ExpectIntEQ(rfc9802_verify_one_cert(xmssFiles[i],
|
||||
XMSSk, CTC_XMSS), TEST_SUCCESS);
|
||||
}
|
||||
#endif
|
||||
#if (!defined(WOLFSSL_XMSS_MAX_HEIGHT) || (WOLFSSL_XMSS_MAX_HEIGHT >= 20)) && \
|
||||
(!defined(WOLFSSL_XMSS_MIN_HEIGHT) || (WOLFSSL_XMSS_MIN_HEIGHT <= 40))
|
||||
for (i = 0; i < sizeof(xmssmtFiles) / sizeof(xmssmtFiles[0]); i++) {
|
||||
ExpectIntEQ(rfc9802_verify_one_cert(xmssmtFiles[i],
|
||||
XMSSMTk, CTC_XMSSMT), TEST_SUCCESS);
|
||||
}
|
||||
#endif
|
||||
ExpectIntEQ(rfc9802_xmss_sig_oid_mismatch(), TEST_SUCCESS);
|
||||
ExpectIntEQ(rfc9802_xmss_chain_verify(), TEST_SUCCESS);
|
||||
#endif /* !NO_FILESYSTEM && !NO_CERTS */
|
||||
|
||||
@@ -207,23 +207,10 @@ wc_static_assert(WC_NO_ERR_TRACE(DILITHIUM_KEY_SIZE_E) ==
|
||||
* signature mismatches and defeat the purpose. */
|
||||
static void mldsa_legacy_shim_symbol_aliases_compile_check(void)
|
||||
{
|
||||
typedef int (*init_fn)(wc_MlDsaKey*, void*, int);
|
||||
typedef void (*free_fn)(wc_MlDsaKey*);
|
||||
typedef int (*set_level_fn)(wc_MlDsaKey*, byte);
|
||||
typedef int (*get_level_fn)(wc_MlDsaKey*, byte*);
|
||||
typedef int (*size_fn)(wc_MlDsaKey*);
|
||||
typedef int (*check_fn)(wc_MlDsaKey*);
|
||||
typedef int (*export_fn)(wc_MlDsaKey*, byte*, word32*);
|
||||
|
||||
init_fn f_init_ex = &wc_dilithium_init_ex;
|
||||
free_fn f_free = &wc_dilithium_free;
|
||||
set_level_fn f_set_level = &wc_dilithium_set_level;
|
||||
get_level_fn f_get_level = &wc_dilithium_get_level;
|
||||
size_fn f_sig_size = &wc_dilithium_sig_size;
|
||||
|
||||
(void)f_init_ex; (void)f_free; (void)f_set_level; (void)f_get_level;
|
||||
(void)f_sig_size;
|
||||
|
||||
#ifdef WOLFSSL_MLDSA_PRIVATE_KEY
|
||||
{
|
||||
size_fn f_size = &wc_dilithium_size;
|
||||
|
||||
@@ -54,6 +54,18 @@ int test_utils_memio_move_message(void)
|
||||
/* send server's flight */
|
||||
ExpectIntEQ(wolfSSL_accept(ssl_s), -1);
|
||||
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
|
||||
/* If the server responded with a HelloRetryRequest it is waiting on a new
|
||||
* ClientHello, so the buffered flight is just the HRR rather than the real
|
||||
* ServerHello flight. Drive another connect/accept round so the message
|
||||
* moving below operates on the real flight. */
|
||||
if (EXPECT_SUCCESS() && test_memio_msg_is_hello_retry_request(&test_ctx)) {
|
||||
/* client processes HRR and sends second ClientHello */
|
||||
ExpectIntEQ(wolfSSL_connect(ssl_c), -1);
|
||||
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
|
||||
/* server processes second ClientHello and sends its flight */
|
||||
ExpectIntEQ(wolfSSL_accept(ssl_s), -1);
|
||||
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
|
||||
}
|
||||
/* Move messages around but they should be the same at the end */
|
||||
ExpectIntEQ(test_memio_move_message(&test_ctx, 1, 1, 2), 0);
|
||||
ExpectIntEQ(test_memio_move_message(&test_ctx, 1, 2, 1), 0);
|
||||
|
||||
+52
-3
@@ -93,7 +93,10 @@ int test_tls13_apis(void)
|
||||
#endif
|
||||
#if defined(HAVE_ECC) && defined(HAVE_SUPPORTED_CURVES)
|
||||
int groups[2] = { WOLFSSL_ECC_SECP256R1,
|
||||
#ifdef WOLFSSL_HAVE_MLKEM
|
||||
#if defined(WOLFSSL_HAVE_MLKEM) && \
|
||||
!defined(WOLFSSL_MLKEM_NO_MAKE_KEY) && \
|
||||
!defined(WOLFSSL_MLKEM_NO_ENCAPSULATE) && \
|
||||
!defined(WOLFSSL_MLKEM_NO_DECAPSULATE)
|
||||
#ifdef WOLFSSL_MLKEM_KYBER
|
||||
#ifndef WOLFSSL_NO_KYBER512
|
||||
WOLFSSL_KYBER_LEVEL1
|
||||
@@ -5627,6 +5630,7 @@ int test_tls13_corrupted_finished(void)
|
||||
WOLFSSL *ssl_c = NULL;
|
||||
WOLFSSL *ssl_s = NULL;
|
||||
struct test_memio_ctx test_ctx;
|
||||
int ret;
|
||||
|
||||
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
|
||||
ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
|
||||
@@ -5644,7 +5648,29 @@ int test_tls13_corrupted_finished(void)
|
||||
|
||||
/* Step 3: Client processes server flight, verifies server Finished,
|
||||
* sends client Finished */
|
||||
ExpectIntEQ(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS);
|
||||
ret = wolfSSL_connect(ssl_c);
|
||||
if (ret == WC_NO_ERR_TRACE(WOLFSSL_FATAL_ERROR)) {
|
||||
/* Actually: Server sent HelloRetryRequest */
|
||||
ExpectIntEQ(wolfSSL_get_error(ssl_s, WOLFSSL_FATAL_ERROR),
|
||||
WOLFSSL_ERROR_WANT_READ);
|
||||
|
||||
/* Step 1: Client sends ClientHello */
|
||||
ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS);
|
||||
ExpectIntEQ(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR),
|
||||
WOLFSSL_ERROR_WANT_READ);
|
||||
|
||||
/* Step 2: Server processes CH, sends SH + EE + Cert + CV + Finished */
|
||||
ExpectIntNE(wolfSSL_accept(ssl_s), WOLFSSL_SUCCESS);
|
||||
ExpectIntEQ(wolfSSL_get_error(ssl_s, WOLFSSL_FATAL_ERROR),
|
||||
WOLFSSL_ERROR_WANT_READ);
|
||||
|
||||
/* Step 3: Client processes server flight, verifies server Finished,
|
||||
* sends client Finished */
|
||||
ExpectIntEQ(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS);
|
||||
}
|
||||
else {
|
||||
ExpectIntEQ(ret, WOLFSSL_SUCCESS);
|
||||
}
|
||||
|
||||
/* Corrupt the server's client_write_MAC_secret so that when it computes
|
||||
* the expected Finished HMAC, the result won't match the client's actual
|
||||
@@ -5727,7 +5753,20 @@ int test_tls13_peerauth_failsafe(void)
|
||||
ExpectIntNE(wolfSSL_accept(ssl_s), WOLFSSL_SUCCESS);
|
||||
ExpectIntEQ(wolfSSL_get_error(ssl_s, WOLFSSL_FATAL_ERROR),
|
||||
WOLFSSL_ERROR_WANT_READ);
|
||||
ExpectIntEQ(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS);
|
||||
ret = wolfSSL_connect(ssl_c);
|
||||
if (ret == WC_NO_ERR_TRACE(WOLFSSL_FATAL_ERROR)) {
|
||||
/* HelloRetryRequest sent by server. */
|
||||
ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS);
|
||||
ExpectIntEQ(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR),
|
||||
WOLFSSL_ERROR_WANT_READ);
|
||||
ExpectIntNE(wolfSSL_accept(ssl_s), WOLFSSL_SUCCESS);
|
||||
ExpectIntEQ(wolfSSL_get_error(ssl_s, WOLFSSL_FATAL_ERROR),
|
||||
WOLFSSL_ERROR_WANT_READ);
|
||||
ExpectIntEQ(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS);
|
||||
}
|
||||
else {
|
||||
ExpectIntEQ(ret, WOLFSSL_SUCCESS);
|
||||
}
|
||||
|
||||
ssl_s->options.peerAuthGood = 0;
|
||||
ret = wolfSSL_accept(ssl_s);
|
||||
@@ -6369,6 +6408,16 @@ static int test_tls13_cipher_fuzz_once(WC_RNG* rng,
|
||||
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
|
||||
ExpectIntNE(wolfSSL_accept(ssl_s), WOLFSSL_SUCCESS);
|
||||
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
|
||||
/* The default groups can lead the server to respond with a
|
||||
* HelloRetryRequest, in which case it is waiting on a new ClientHello and
|
||||
* has not yet sent any encrypted record. Drive another connect/accept round
|
||||
* so the buffers hold the real flight before fuzzing. */
|
||||
if (EXPECT_SUCCESS() && test_memio_msg_is_hello_retry_request(&test_ctx)) {
|
||||
ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS);
|
||||
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
|
||||
ExpectIntNE(wolfSSL_accept(ssl_s), WOLFSSL_SUCCESS);
|
||||
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
|
||||
}
|
||||
if (side == 1) {
|
||||
ExpectIntEQ(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS);
|
||||
buf = test_ctx.s_buff;
|
||||
|
||||
@@ -647,7 +647,7 @@ int test_x509_CertFromX509_akid_overflow(void)
|
||||
EXPECT_DECLS;
|
||||
#if defined(WOLFSSL_AKID_NAME) && defined(WOLFSSL_CERT_GEN) && \
|
||||
defined(WOLFSSL_CERT_EXT) && !defined(NO_BIO) && \
|
||||
(defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL))
|
||||
(defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)) && defined(HAVE_ECC)
|
||||
/* DER builder helpers -- write into a flat buffer */
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
unsigned char* buf = NULL;
|
||||
|
||||
+46
-4
@@ -214,7 +214,8 @@ static int IsKyberLevelAvailable(const char* line)
|
||||
#endif
|
||||
#endif /* WOLFSSL_TLS_NO_MLKEM_STANDALONE */
|
||||
#ifdef WOLFSSL_PQC_HYBRIDS
|
||||
#if !defined(WOLFSSL_NO_ML_KEM_768) && defined(HAVE_ECC)
|
||||
#if !defined(WOLFSSL_NO_ML_KEM_768) && defined(HAVE_ECC) && \
|
||||
(!defined(WOLFSSL_SP_MATH) || !defined(WOLFSSL_SP_NO_256))
|
||||
if (MATCH_PQC(begin, "SecP256r1MLKEM768", len)) {
|
||||
available = 1;
|
||||
}
|
||||
@@ -224,7 +225,8 @@ static int IsKyberLevelAvailable(const char* line)
|
||||
available = 1;
|
||||
}
|
||||
#endif
|
||||
#if !defined(WOLFSSL_NO_ML_KEM_1024) && defined(HAVE_ECC)
|
||||
#if !defined(WOLFSSL_NO_ML_KEM_1024) && defined(HAVE_ECC) && \
|
||||
(!defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_384))
|
||||
if (MATCH_PQC(begin, "SecP384r1MLKEM1024", len)) {
|
||||
available = 1;
|
||||
}
|
||||
@@ -246,7 +248,8 @@ static int IsKyberLevelAvailable(const char* line)
|
||||
available = 1;
|
||||
}
|
||||
#endif
|
||||
#if !defined(WOLFSSL_NO_ML_KEM_768) && defined(HAVE_ECC)
|
||||
#if !defined(WOLFSSL_NO_ML_KEM_768) && defined(HAVE_ECC) && \
|
||||
(!defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_384))
|
||||
if (MATCH_PQC(begin, "SecP384r1MLKEM768", len)) {
|
||||
available = 1;
|
||||
}
|
||||
@@ -261,7 +264,8 @@ static int IsKyberLevelAvailable(const char* line)
|
||||
available = 1;
|
||||
}
|
||||
#endif
|
||||
#if !defined(WOLFSSL_NO_ML_KEM_1024) && defined(HAVE_ECC)
|
||||
#if !defined(WOLFSSL_NO_ML_KEM_1024) && defined(HAVE_ECC) && \
|
||||
(!defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_521))
|
||||
if (MATCH_PQC(begin, "SecP521r1MLKEM1024", len)) {
|
||||
available = 1;
|
||||
}
|
||||
@@ -290,9 +294,11 @@ static int IsKyberLevelAvailable(const char* line)
|
||||
available = 1;
|
||||
}
|
||||
#ifdef HAVE_ECC
|
||||
#if !defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_384)
|
||||
if (MATCH_PQC(begin, "P384_KYBER_LEVEL3", len)) {
|
||||
available = 1;
|
||||
}
|
||||
#endif
|
||||
if (MATCH_PQC(begin, "P256_KYBER_LEVEL3", len)) {
|
||||
available = 1;
|
||||
}
|
||||
@@ -303,9 +309,11 @@ static int IsKyberLevelAvailable(const char* line)
|
||||
available = 1;
|
||||
}
|
||||
#ifdef HAVE_ECC
|
||||
#if !defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_521)
|
||||
if (MATCH_PQC(begin, "P521_KYBER_LEVEL5", len)) {
|
||||
available = 1;
|
||||
}
|
||||
#endif
|
||||
#endif
|
||||
#endif
|
||||
#if !defined(WOLFSSL_NO_KYBER512) && defined(HAVE_CURVE25519)
|
||||
@@ -476,6 +484,28 @@ static int IsEcdsaCipherSuiteDefRsaCert(const char* line)
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_STATIC_PSK
|
||||
/* Check whether the command line forces ephemeral (EC)DHE PSK key exchange.
|
||||
*
|
||||
* @param [in] argc Number of arguments.
|
||||
* @param [in] argv Argument list.
|
||||
* @return 1 when "--onlyPskDheKe" is present.
|
||||
* @return 0 otherwise.
|
||||
*/
|
||||
static int IsOnlyPskDheKe(int argc, char** argv)
|
||||
{
|
||||
int i;
|
||||
|
||||
for (i = 0; i < argc; i++) {
|
||||
if (argv[i] != NULL && XSTRCMP(argv[i], "--onlyPskDheKe") == 0) {
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
#endif /* WOLFSSL_STATIC_PSK */
|
||||
|
||||
static int execute_test_case(int svr_argc, char** svr_argv,
|
||||
int cli_argc, char** cli_argv,
|
||||
int addNoVerify, int addNonBlocking,
|
||||
@@ -588,6 +618,18 @@ static int execute_test_case(int svr_argc, char** svr_argv,
|
||||
return NOT_BUILT_IN;
|
||||
}
|
||||
#endif
|
||||
#ifdef WOLFSSL_STATIC_PSK
|
||||
/* --onlyPskDheKe forces the psk_dhe_ke key exchange mode, which requires
|
||||
* ephemeral (EC)DHE. A static PSK build provides only the psk_ke mode, so
|
||||
* skip these tests. */
|
||||
if (IsOnlyPskDheKe(svrArgs.argc, svr_argv) ||
|
||||
IsOnlyPskDheKe(cliArgs.argc, cli_argv)) {
|
||||
#ifdef DEBUG_SUITE_TESTS
|
||||
printf("--onlyPskDheKe not supported with WOLFSSL_STATIC_PSK\n");
|
||||
#endif
|
||||
return NOT_BUILT_IN;
|
||||
}
|
||||
#endif
|
||||
|
||||
/* Build Server Command */
|
||||
if (addNoVerify) {
|
||||
|
||||
@@ -513,6 +513,40 @@ int test_memio_get_message(const struct test_memio_ctx *ctx, int client,
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* The random value placed in a ServerHello to mark it as a HelloRetryRequest.
|
||||
* See RFC 8446 Section 4.1.3. */
|
||||
static const byte test_hello_retry_request_random[32] = {
|
||||
0xCF, 0x21, 0xAD, 0x74, 0xE5, 0x9A, 0x61, 0x11,
|
||||
0xBE, 0x1D, 0x8C, 0x02, 0x1E, 0x65, 0xB8, 0x91,
|
||||
0xC2, 0xA2, 0x11, 0x16, 0x7A, 0xBB, 0x8C, 0x5E,
|
||||
0x07, 0x9E, 0x09, 0xE2, 0xC8, 0xA8, 0x33, 0x9C
|
||||
};
|
||||
|
||||
/* Returns 1 if the first server->client record buffered in ctx is a
|
||||
* HelloRetryRequest, 0 otherwise. A HelloRetryRequest is sent as a ServerHello
|
||||
* (handshake type server_hello) carrying the special random above. */
|
||||
int test_memio_msg_is_hello_retry_request(const struct test_memio_ctx *ctx)
|
||||
{
|
||||
const char* msg = NULL;
|
||||
int msg_sz = 0;
|
||||
/* TLS record header (5) + handshake header (4) + legacy_version (2) is the
|
||||
* offset of the 32-byte ServerHello random within the record. */
|
||||
const int random_off = 5 + 4 + 2;
|
||||
|
||||
/* The server's flight is buffered for the client (client = 1). */
|
||||
if (test_memio_get_message(ctx, 1, &msg, &msg_sz, 0) != 0)
|
||||
return 0;
|
||||
/* Need a handshake record (0x16) holding a server_hello (0x02) with a full
|
||||
* random. */
|
||||
if (msg_sz < random_off + (int)sizeof(test_hello_retry_request_random))
|
||||
return 0;
|
||||
if ((byte)msg[0] != 0x16 || (byte)msg[5] != 0x02)
|
||||
return 0;
|
||||
|
||||
return XMEMCMP(msg + random_off, test_hello_retry_request_random,
|
||||
sizeof(test_hello_retry_request_random)) == 0;
|
||||
}
|
||||
|
||||
int test_memio_move_message(struct test_memio_ctx *ctx, int client,
|
||||
int msg_pos_in, int msg_pos_out)
|
||||
{
|
||||
|
||||
@@ -95,6 +95,7 @@ int test_memio_copy_message(const struct test_memio_ctx *ctx, int client,
|
||||
char *out, int *out_sz, int msg_pos);
|
||||
int test_memio_get_message(const struct test_memio_ctx *ctx, int client,
|
||||
const char **out, int *out_sz, int msg_pos);
|
||||
int test_memio_msg_is_hello_retry_request(const struct test_memio_ctx *ctx);
|
||||
int test_memio_move_message(struct test_memio_ctx *ctx, int client,
|
||||
int msg_pos_in, int msg_pos_out);
|
||||
int test_memio_drop_message(struct test_memio_ctx *ctx, int client, int msg_pos);
|
||||
|
||||
@@ -1588,7 +1588,7 @@ int wc_ed25519_check_key(ed25519_key* key)
|
||||
#endif /* HAVE_ED25519_MAKE_KEY */
|
||||
|
||||
/* No private key (or ability to make a public key), check Y is valid. */
|
||||
if ((ret == 0)
|
||||
if (ret == 0
|
||||
#ifdef HAVE_ED25519_MAKE_KEY
|
||||
&& (!key->privKeySet)
|
||||
#endif
|
||||
|
||||
+13
-13
@@ -235,7 +235,7 @@ static int d2iTryEccKey(WOLFSSL_EVP_PKEY** out, const unsigned char* mem,
|
||||
}
|
||||
#endif /* HAVE_ECC && OPENSSL_EXTRA */
|
||||
|
||||
#ifdef HAVE_ED25519
|
||||
#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_IMPORT)
|
||||
/**
|
||||
* Try to make an Ed25519 EVP PKEY from data.
|
||||
*
|
||||
@@ -299,9 +299,9 @@ static int d2iTryEd25519Key(WOLFSSL_EVP_PKEY** out, const unsigned char* mem,
|
||||
|
||||
return ret;
|
||||
}
|
||||
#endif /* HAVE_ED25519 */
|
||||
#endif /* HAVE_ED25519i && HAVE_ED25519_KEY_IMPORT */
|
||||
|
||||
#ifdef HAVE_ED448
|
||||
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_IMPORT)
|
||||
/**
|
||||
* Try to make an Ed448 EVP PKEY from data.
|
||||
*
|
||||
@@ -398,7 +398,7 @@ WOLFSSL_EVP_PKEY* wolfSSL_EVP_PKEY_new_raw_public_key(int type,
|
||||
}
|
||||
|
||||
switch (type) {
|
||||
#ifdef HAVE_ED25519
|
||||
#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_IMPORT)
|
||||
case WC_EVP_PKEY_ED25519: {
|
||||
ed25519_key* edKey;
|
||||
if (len != ED25519_PUB_KEY_SIZE) {
|
||||
@@ -419,7 +419,7 @@ WOLFSSL_EVP_PKEY* wolfSSL_EVP_PKEY_new_raw_public_key(int type,
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
#ifdef HAVE_ED448
|
||||
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_IMPORT)
|
||||
case WC_EVP_PKEY_ED448: {
|
||||
ed448_key* edKey;
|
||||
if (len != ED448_PUB_KEY_SIZE) {
|
||||
@@ -542,7 +542,7 @@ WOLFSSL_EVP_PKEY* wolfSSL_EVP_PKEY_new_raw_private_key(int type,
|
||||
}
|
||||
|
||||
switch (type) {
|
||||
#ifdef HAVE_ED25519
|
||||
#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_IMPORT)
|
||||
case WC_EVP_PKEY_ED25519: {
|
||||
ed25519_key* edKey;
|
||||
if (len != ED25519_KEY_SIZE) {
|
||||
@@ -564,7 +564,7 @@ WOLFSSL_EVP_PKEY* wolfSSL_EVP_PKEY_new_raw_private_key(int type,
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
#ifdef HAVE_ED448
|
||||
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_IMPORT)
|
||||
case WC_EVP_PKEY_ED448: {
|
||||
ed448_key* edKey;
|
||||
if (len != ED448_KEY_SIZE) {
|
||||
@@ -1133,18 +1133,18 @@ static WOLFSSL_EVP_PKEY* d2i_evp_pkey_try(WOLFSSL_EVP_PKEY** out,
|
||||
#endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */
|
||||
#endif /* !NO_DH && OPENSSL_EXTRA && WOLFSSL_DH_EXTRA */
|
||||
|
||||
#ifdef HAVE_ED25519
|
||||
#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_IMPORT)
|
||||
if (d2iTryEd25519Key(&pkey, *in, inSz, priv) >= 0) {
|
||||
found = 1;
|
||||
}
|
||||
else
|
||||
#endif /* HAVE_ED25519 */
|
||||
#ifdef HAVE_ED448
|
||||
#endif /* HAVE_ED25519 && HAVE_ED25519_KEY_IMPORT */
|
||||
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_IMPORT)
|
||||
if (d2iTryEd448Key(&pkey, *in, inSz, priv) >= 0) {
|
||||
found = 1;
|
||||
}
|
||||
else
|
||||
#endif /* HAVE_ED448 */
|
||||
#endif /* HAVE_ED448 && HAVE_ED448_KEY_IMPORT */
|
||||
#ifdef HAVE_FALCON
|
||||
if (d2iTryFalconKey(&pkey, *in, inSz, priv) >= 0) {
|
||||
found = 1;
|
||||
@@ -1494,7 +1494,7 @@ static WOLFSSL_EVP_PKEY* d2i_evp_pkey(int type, WOLFSSL_EVP_PKEY** out,
|
||||
#endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */
|
||||
#endif /* HAVE_DH */
|
||||
#endif /* WOLFSSL_QT || OPENSSL_ALL || WOLFSSL_OPENSSH */
|
||||
#ifdef HAVE_ED25519
|
||||
#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_IMPORT)
|
||||
case WC_EVP_PKEY_ED25519:
|
||||
/* local->pkey.ptr already holds the input bytes, so
|
||||
* d2iTryEd25519Key will skip the d2i_make_pkey allocate/copy
|
||||
@@ -1505,7 +1505,7 @@ static WOLFSSL_EVP_PKEY* d2i_evp_pkey(int type, WOLFSSL_EVP_PKEY** out,
|
||||
}
|
||||
break;
|
||||
#endif /* HAVE_ED25519 */
|
||||
#ifdef HAVE_ED448
|
||||
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_IMPORT)
|
||||
case WC_EVP_PKEY_ED448:
|
||||
/* See WC_EVP_PKEY_ED25519 case above. */
|
||||
if (d2iTryEd448Key(&local, p, local->pkey_sz, priv) != 1) {
|
||||
|
||||
@@ -960,6 +960,8 @@ static WC_INLINE void ge_add(ge_p1p1 *r,const ge_p3 *p,const ge_cached *q)
|
||||
|
||||
|
||||
#ifndef CURVED25519_ASM
|
||||
#if defined(HAVE_ED25519_SIGN) || defined(HAVE_ED25519_MAKE_KEY) || \
|
||||
defined(WOLFSSL_CURVE25519_USE_ED25519)
|
||||
/* ge_scalar mult base */
|
||||
static unsigned char equal(unsigned char b,unsigned char c)
|
||||
{
|
||||
@@ -970,14 +972,10 @@ static unsigned char equal(unsigned char b,unsigned char c)
|
||||
return (unsigned char)y;
|
||||
}
|
||||
|
||||
#if defined(HAVE_ED25519_SIGN) || defined(HAVE_ED25519_MAKE_KEY) || \
|
||||
defined(WOLFSSL_CURVE25519_USE_ED25519)
|
||||
static unsigned char negative(signed char b)
|
||||
{
|
||||
return ((unsigned char)b) >> 7;
|
||||
}
|
||||
#endif
|
||||
|
||||
|
||||
static WC_INLINE void cmov(ge_precomp *t,const ge_precomp *u,unsigned char b,
|
||||
unsigned char n)
|
||||
@@ -988,6 +986,7 @@ static WC_INLINE void cmov(ge_precomp *t,const ge_precomp *u,unsigned char b,
|
||||
fe_cmov(t->xy2d,u->xy2d,b);
|
||||
}
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#if defined(HAVE_ED25519_SIGN) || defined(HAVE_ED25519_MAKE_KEY) || \
|
||||
defined(WOLFSSL_CURVE25519_USE_ED25519)
|
||||
|
||||
+1
-1
@@ -978,10 +978,10 @@ int wc_CheckRsaKey(RsaKey* key)
|
||||
XFREE(rng, NULL, DYNAMIC_TYPE_RNG);
|
||||
#endif
|
||||
}
|
||||
FREE_MP_INT_SIZE(tmp, NULL, DYNAMIC_TYPE_RSA);
|
||||
#ifdef WOLFSSL_CHECK_MEM_ZERO
|
||||
mp_memzero_check(tmp);
|
||||
#endif
|
||||
FREE_MP_INT_SIZE(tmp, NULL, DYNAMIC_TYPE_RSA);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
@@ -62697,13 +62697,10 @@ static const sp_point_256 p256_base = {
|
||||
/* infinity */
|
||||
0
|
||||
};
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER) || \
|
||||
defined(HAVE_COMP_KEY)
|
||||
static const sp_digit p256_b[8] = {
|
||||
0x27d2604b,0x3bce3c3e,0xcc53b0f6,0x651d06b0,0x769886bc,0xb3ebbd55,
|
||||
0xaa3a93e7,0x5ac635d8
|
||||
};
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_SP_SMALL
|
||||
/* Multiply a and b into r. (r = a * b)
|
||||
@@ -80830,7 +80827,6 @@ int sp_ecc_verify_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
|
||||
#endif /* WOLFSSL_SP_NONBLOCK */
|
||||
#endif /* HAVE_ECC_VERIFY */
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the x and y ordinates are a valid point on the curve.
|
||||
*
|
||||
* point EC point.
|
||||
@@ -80903,6 +80899,7 @@ int sp_ecc_is_point_256(const mp_int* pX, const mp_int* pY)
|
||||
return err;
|
||||
}
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the private scalar generates the EC point (px, py), the point is
|
||||
* on the curve and the point has the correct order.
|
||||
*
|
||||
@@ -81330,13 +81327,10 @@ static const sp_point_384 p384_base = {
|
||||
/* infinity */
|
||||
0
|
||||
};
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER) || \
|
||||
defined(HAVE_COMP_KEY)
|
||||
static const sp_digit p384_b[12] = {
|
||||
0xd3ec2aef,0x2a85c8ed,0x8a2ed19d,0xc656398d,0x5013875a,0x0314088f,
|
||||
0xfe814112,0x181d9c6e,0xe3f82d19,0x988e056b,0xe23ee7e4,0xb3312fa7
|
||||
};
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_SP_SMALL
|
||||
/* Multiply a and b into r. (r = a * b)
|
||||
@@ -99161,7 +99155,6 @@ int sp_ecc_verify_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
|
||||
#endif /* WOLFSSL_SP_NONBLOCK */
|
||||
#endif /* HAVE_ECC_VERIFY */
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the x and y ordinates are a valid point on the curve.
|
||||
*
|
||||
* point EC point.
|
||||
@@ -99234,6 +99227,7 @@ int sp_ecc_is_point_384(const mp_int* pX, const mp_int* pY)
|
||||
return err;
|
||||
}
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the private scalar generates the EC point (px, py), the point is
|
||||
* on the curve and the point has the correct order.
|
||||
*
|
||||
@@ -99703,14 +99697,11 @@ static const sp_point_521 p521_base = {
|
||||
/* infinity */
|
||||
0
|
||||
};
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER) || \
|
||||
defined(HAVE_COMP_KEY)
|
||||
static const sp_digit p521_b[17] = {
|
||||
0x6b503f00,0xef451fd4,0x3d2c34f1,0x3573df88,0x3bb1bf07,0x1652c0bd,
|
||||
0xec7e937b,0x56193951,0x8ef109e1,0xb8b48991,0x99b315f3,0xa2da725b,
|
||||
0xb68540ee,0x929a21a0,0x8e1c9a1f,0x953eb961,0x00000051
|
||||
};
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_SP_SMALL
|
||||
/* Multiply a and b into r. (r = a * b)
|
||||
@@ -128151,7 +128142,6 @@ int sp_ecc_verify_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
|
||||
#endif /* WOLFSSL_SP_NONBLOCK */
|
||||
#endif /* HAVE_ECC_VERIFY */
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the x and y ordinates are a valid point on the curve.
|
||||
*
|
||||
* point EC point.
|
||||
@@ -128224,6 +128214,7 @@ int sp_ecc_is_point_521(const mp_int* pX, const mp_int* pY)
|
||||
return err;
|
||||
}
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the private scalar generates the EC point (px, py), the point is
|
||||
* on the curve and the point has the correct order.
|
||||
*
|
||||
@@ -158596,7 +158587,6 @@ int sp_Pairing_precomp_1024(const ecc_point* pm, const ecc_point* qm,
|
||||
}
|
||||
|
||||
#endif /* WOLFSSL_SP_SMALL */
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Read big endian unsigned byte array into r.
|
||||
*
|
||||
* r A single precision integer.
|
||||
@@ -158720,6 +158710,7 @@ int sp_ecc_is_point_1024(const mp_int* pX, const mp_int* pY)
|
||||
return err;
|
||||
}
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the private scalar generates the EC point (px, py), the point is
|
||||
* on the curve and the point has the correct order.
|
||||
*
|
||||
|
||||
@@ -21506,13 +21506,10 @@ static const sp_point_256 p256_base = {
|
||||
0
|
||||
};
|
||||
#endif /* WOLFSSL_SP_SMALL */
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER) || \
|
||||
defined(HAVE_COMP_KEY)
|
||||
static const sp_digit p256_b[4] = {
|
||||
0x3bce3c3e27d2604bL,0x651d06b0cc53b0f6L,0xb3ebbd55769886bcL,
|
||||
0x5ac635d8aa3a93e7L
|
||||
};
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_SP_SMALL
|
||||
/* Multiply a and b into r. (r = a * b)
|
||||
@@ -41529,7 +41526,6 @@ int sp_ecc_verify_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
|
||||
#endif /* WOLFSSL_SP_NONBLOCK */
|
||||
#endif /* HAVE_ECC_VERIFY */
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Add two Montgomery form numbers (r = a + b % m).
|
||||
*
|
||||
* r Result of addition.
|
||||
@@ -41646,6 +41642,7 @@ int sp_ecc_is_point_256(const mp_int* pX, const mp_int* pY)
|
||||
return err;
|
||||
}
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the private scalar generates the EC point (px, py), the point is
|
||||
* on the curve and the point has the correct order.
|
||||
*
|
||||
@@ -42072,13 +42069,10 @@ static const sp_point_384 p384_base = {
|
||||
0
|
||||
};
|
||||
#endif /* WOLFSSL_SP_SMALL */
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER) || \
|
||||
defined(HAVE_COMP_KEY)
|
||||
static const sp_digit p384_b[6] = {
|
||||
0x2a85c8edd3ec2aefL,0xc656398d8a2ed19dL,0x0314088f5013875aL,
|
||||
0x181d9c6efe814112L,0x988e056be3f82d19L,0xb3312fa7e23ee7e4L
|
||||
};
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_SP_SMALL
|
||||
/* Multiply a and b into r. (r = a * b)
|
||||
@@ -67254,7 +67248,6 @@ int sp_ecc_verify_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
|
||||
#endif /* WOLFSSL_SP_NONBLOCK */
|
||||
#endif /* HAVE_ECC_VERIFY */
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the x and y ordinates are a valid point on the curve.
|
||||
*
|
||||
* point EC point.
|
||||
@@ -67327,6 +67320,7 @@ int sp_ecc_is_point_384(const mp_int* pX, const mp_int* pY)
|
||||
return err;
|
||||
}
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the private scalar generates the EC point (px, py), the point is
|
||||
* on the curve and the point has the correct order.
|
||||
*
|
||||
@@ -67792,14 +67786,11 @@ static const sp_point_521 p521_base = {
|
||||
0
|
||||
};
|
||||
#endif /* WOLFSSL_SP_SMALL */
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER) || \
|
||||
defined(HAVE_COMP_KEY)
|
||||
static const sp_digit p521_b[9] = {
|
||||
0xef451fd46b503f00L,0x3573df883d2c34f1L,0x1652c0bd3bb1bf07L,
|
||||
0x56193951ec7e937bL,0xb8b489918ef109e1L,0xa2da725b99b315f3L,
|
||||
0x929a21a0b68540eeL,0x953eb9618e1c9a1fL,0x0000000000000051L
|
||||
};
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_SP_SMALL
|
||||
/* Multiply a and b into r. (r = a * b)
|
||||
@@ -111810,7 +111801,6 @@ int sp_ecc_verify_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
|
||||
#endif /* WOLFSSL_SP_NONBLOCK */
|
||||
#endif /* HAVE_ECC_VERIFY */
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the x and y ordinates are a valid point on the curve.
|
||||
*
|
||||
* point EC point.
|
||||
@@ -111883,6 +111873,7 @@ int sp_ecc_is_point_521(const mp_int* pX, const mp_int* pY)
|
||||
return err;
|
||||
}
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the private scalar generates the EC point (px, py), the point is
|
||||
* on the curve and the point has the correct order.
|
||||
*
|
||||
@@ -123593,7 +123584,6 @@ int sp_Pairing_precomp_1024(const ecc_point* pm, const ecc_point* qm,
|
||||
}
|
||||
|
||||
#endif /* WOLFSSL_SP_SMALL */
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Read big endian unsigned byte array into r.
|
||||
*
|
||||
* r A single precision integer.
|
||||
@@ -123783,6 +123773,7 @@ int sp_ecc_is_point_1024(const mp_int* pX, const mp_int* pY)
|
||||
return err;
|
||||
}
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the private scalar generates the EC point (px, py), the point is
|
||||
* on the curve and the point has the correct order.
|
||||
*
|
||||
|
||||
@@ -96590,13 +96590,10 @@ static const sp_point_256 p256_base = {
|
||||
/* infinity */
|
||||
0
|
||||
};
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER) || \
|
||||
defined(HAVE_COMP_KEY)
|
||||
static const sp_digit p256_b[8] = {
|
||||
0x27d2604b,0x3bce3c3e,0xcc53b0f6,0x651d06b0,0x769886bc,0xb3ebbd55,
|
||||
0xaa3a93e7,0x5ac635d8
|
||||
};
|
||||
#endif
|
||||
|
||||
/* Multiply a and b into r. (r = a * b)
|
||||
*
|
||||
@@ -107340,7 +107337,6 @@ int sp_ecc_verify_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
|
||||
#endif /* WOLFSSL_SP_NONBLOCK */
|
||||
#endif /* HAVE_ECC_VERIFY */
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the x and y ordinates are a valid point on the curve.
|
||||
*
|
||||
* point EC point.
|
||||
@@ -107413,6 +107409,7 @@ int sp_ecc_is_point_256(const mp_int* pX, const mp_int* pY)
|
||||
return err;
|
||||
}
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the private scalar generates the EC point (px, py), the point is
|
||||
* on the curve and the point has the correct order.
|
||||
*
|
||||
@@ -107840,13 +107837,10 @@ static const sp_point_384 p384_base = {
|
||||
/* infinity */
|
||||
0
|
||||
};
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER) || \
|
||||
defined(HAVE_COMP_KEY)
|
||||
static const sp_digit p384_b[12] = {
|
||||
0xd3ec2aef,0x2a85c8ed,0x8a2ed19d,0xc656398d,0x5013875a,0x0314088f,
|
||||
0xfe814112,0x181d9c6e,0xe3f82d19,0x988e056b,0xe23ee7e4,0xb3312fa7
|
||||
};
|
||||
#endif
|
||||
|
||||
/* Multiply a and b into r. (r = a * b)
|
||||
*
|
||||
@@ -118179,7 +118173,6 @@ int sp_ecc_verify_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
|
||||
#endif /* WOLFSSL_SP_NONBLOCK */
|
||||
#endif /* HAVE_ECC_VERIFY */
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the x and y ordinates are a valid point on the curve.
|
||||
*
|
||||
* point EC point.
|
||||
@@ -118252,6 +118245,7 @@ int sp_ecc_is_point_384(const mp_int* pX, const mp_int* pY)
|
||||
return err;
|
||||
}
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the private scalar generates the EC point (px, py), the point is
|
||||
* on the curve and the point has the correct order.
|
||||
*
|
||||
@@ -118721,14 +118715,11 @@ static const sp_point_521 p521_base = {
|
||||
/* infinity */
|
||||
0
|
||||
};
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER) || \
|
||||
defined(HAVE_COMP_KEY)
|
||||
static const sp_digit p521_b[17] = {
|
||||
0x6b503f00,0xef451fd4,0x3d2c34f1,0x3573df88,0x3bb1bf07,0x1652c0bd,
|
||||
0xec7e937b,0x56193951,0x8ef109e1,0xb8b48991,0x99b315f3,0xa2da725b,
|
||||
0xb68540ee,0x929a21a0,0x8e1c9a1f,0x953eb961,0x00000051
|
||||
};
|
||||
#endif
|
||||
|
||||
/* Multiply a and b into r. (r = a * b)
|
||||
*
|
||||
@@ -134795,7 +134786,6 @@ int sp_ecc_verify_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
|
||||
#endif /* WOLFSSL_SP_NONBLOCK */
|
||||
#endif /* HAVE_ECC_VERIFY */
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the x and y ordinates are a valid point on the curve.
|
||||
*
|
||||
* point EC point.
|
||||
@@ -134868,6 +134858,7 @@ int sp_ecc_is_point_521(const mp_int* pX, const mp_int* pY)
|
||||
return err;
|
||||
}
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the private scalar generates the EC point (px, py), the point is
|
||||
* on the curve and the point has the correct order.
|
||||
*
|
||||
@@ -217250,7 +217241,6 @@ int sp_Pairing_precomp_1024(const ecc_point* pm, const ecc_point* qm,
|
||||
}
|
||||
|
||||
#endif /* WOLFSSL_SP_SMALL */
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Read big endian unsigned byte array into r.
|
||||
*
|
||||
* r A single precision integer.
|
||||
@@ -217374,6 +217364,7 @@ int sp_ecc_is_point_1024(const mp_int* pX, const mp_int* pY)
|
||||
return err;
|
||||
}
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the private scalar generates the EC point (px, py), the point is
|
||||
* on the curve and the point has the correct order.
|
||||
*
|
||||
|
||||
+4
-13
@@ -20367,13 +20367,10 @@ static const sp_point_256 p256_base = {
|
||||
/* infinity */
|
||||
0
|
||||
};
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER) || \
|
||||
defined(HAVE_COMP_KEY)
|
||||
static const sp_digit p256_b[9] = {
|
||||
0x07d2604b,0x1e71e1f1,0x14ec3d8e,0x1a0d6198,0x086bc651,0x1eaabb4c,
|
||||
0x0f9ecfae,0x1b154752,0x005ac635
|
||||
};
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_SP_SMALL
|
||||
/* Multiply a and b into r. (r = a * b)
|
||||
@@ -26555,7 +26552,6 @@ int sp_ecc_verify_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
|
||||
#endif /* WOLFSSL_SP_NONBLOCK */
|
||||
#endif /* HAVE_ECC_VERIFY */
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the x and y ordinates are a valid point on the curve.
|
||||
*
|
||||
* point EC point.
|
||||
@@ -26628,6 +26624,7 @@ int sp_ecc_is_point_256(const mp_int* pX, const mp_int* pY)
|
||||
return err;
|
||||
}
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the private scalar generates the EC point (px, py), the point is
|
||||
* on the curve and the point has the correct order.
|
||||
*
|
||||
@@ -27063,14 +27060,11 @@ static const sp_point_384 p384_base = {
|
||||
/* infinity */
|
||||
0
|
||||
};
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER) || \
|
||||
defined(HAVE_COMP_KEY)
|
||||
static const sp_digit p384_b[15] = {
|
||||
0x3ec2aef,0x1723b74,0x119d2a8,0x23628bb,0x2c65639,0x004e1d6,0x14088f5,
|
||||
0x104480c,0x06efe81,0x2460767,0x23f82d1,0x23815af,0x2e7e498,0x3e9f88f,
|
||||
0x00b3312
|
||||
};
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_SP_SMALL
|
||||
/* Multiply a and b into r. (r = a * b)
|
||||
@@ -34224,7 +34218,6 @@ int sp_ecc_verify_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
|
||||
#endif /* WOLFSSL_SP_NONBLOCK */
|
||||
#endif /* HAVE_ECC_VERIFY */
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the x and y ordinates are a valid point on the curve.
|
||||
*
|
||||
* point EC point.
|
||||
@@ -34297,6 +34290,7 @@ int sp_ecc_is_point_384(const mp_int* pX, const mp_int* pY)
|
||||
return err;
|
||||
}
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the private scalar generates the EC point (px, py), the point is
|
||||
* on the curve and the point has the correct order.
|
||||
*
|
||||
@@ -34769,14 +34763,11 @@ static const sp_point_521 p521_base = {
|
||||
/* infinity */
|
||||
0
|
||||
};
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER) || \
|
||||
defined(HAVE_COMP_KEY)
|
||||
static const sp_digit p521_b[21] = {
|
||||
0x1503f00,0x08fea35,0x13c7bd1,0x107a586,0x1573df8,0x18df839,0x102f4ee,
|
||||
0x0f62ca5,0x1ec7e93,0x10c9ca8,0x0427855,0x13231de,0x13b8b48,0x0cd98af,
|
||||
0x169c96e,0x081dd45,0x1a0b685,0x1c94d10,0x1872687,0x1d72c31,0x0051953
|
||||
};
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_SP_SMALL
|
||||
/* Multiply a and b into r. (r = a * b)
|
||||
@@ -41999,7 +41990,6 @@ int sp_ecc_verify_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
|
||||
#endif /* WOLFSSL_SP_NONBLOCK */
|
||||
#endif /* HAVE_ECC_VERIFY */
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the x and y ordinates are a valid point on the curve.
|
||||
*
|
||||
* point EC point.
|
||||
@@ -42072,6 +42062,7 @@ int sp_ecc_is_point_521(const mp_int* pX, const mp_int* pY)
|
||||
return err;
|
||||
}
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the private scalar generates the EC point (px, py), the point is
|
||||
* on the curve and the point has the correct order.
|
||||
*
|
||||
@@ -53518,7 +53509,6 @@ int sp_Pairing_precomp_1024(const ecc_point* pm, const ecc_point* qm,
|
||||
}
|
||||
|
||||
#endif /* WOLFSSL_SP_SMALL */
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Read big endian unsigned byte array into r.
|
||||
*
|
||||
* r A single precision integer.
|
||||
@@ -53630,6 +53620,7 @@ int sp_ecc_is_point_1024(const mp_int* pX, const mp_int* pY)
|
||||
return err;
|
||||
}
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the private scalar generates the EC point (px, py), the point is
|
||||
* on the curve and the point has the correct order.
|
||||
*
|
||||
|
||||
+4
-13
@@ -21245,13 +21245,10 @@ static const sp_point_256 p256_base = {
|
||||
/* infinity */
|
||||
0
|
||||
};
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER) || \
|
||||
defined(HAVE_COMP_KEY)
|
||||
static const sp_digit p256_b[5] = {
|
||||
0xe3c3e27d2604bL,0xb0cc53b0f63bcL,0x69886bc651d06L,0x93e7b3ebbd557L,
|
||||
0x05ac635d8aa3aL
|
||||
};
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_SP_SMALL
|
||||
/* Multiply a and b into r. (r = a * b)
|
||||
@@ -27170,7 +27167,6 @@ int sp_ecc_verify_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
|
||||
#endif /* WOLFSSL_SP_NONBLOCK */
|
||||
#endif /* HAVE_ECC_VERIFY */
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the x and y ordinates are a valid point on the curve.
|
||||
*
|
||||
* point EC point.
|
||||
@@ -27243,6 +27239,7 @@ int sp_ecc_is_point_256(const mp_int* pX, const mp_int* pY)
|
||||
return err;
|
||||
}
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the private scalar generates the EC point (px, py), the point is
|
||||
* on the curve and the point has the correct order.
|
||||
*
|
||||
@@ -27667,13 +27664,10 @@ static const sp_point_384 p384_base = {
|
||||
/* infinity */
|
||||
0
|
||||
};
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER) || \
|
||||
defined(HAVE_COMP_KEY)
|
||||
static const sp_digit p384_b[7] = {
|
||||
0x05c8edd3ec2aefL,0x731b145da33a55L,0x3d404e1d6b1958L,0x740a089018a044L,
|
||||
0x02d19181d9c6efL,0x7c9311c0ad7c7fL,0x2ccc4be9f88fb9L
|
||||
};
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_SP_SMALL
|
||||
/* Multiply a and b into r. (r = a * b)
|
||||
@@ -34226,7 +34220,6 @@ int sp_ecc_verify_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
|
||||
#endif /* WOLFSSL_SP_NONBLOCK */
|
||||
#endif /* HAVE_ECC_VERIFY */
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the x and y ordinates are a valid point on the curve.
|
||||
*
|
||||
* point EC point.
|
||||
@@ -34299,6 +34292,7 @@ int sp_ecc_is_point_384(const mp_int* pX, const mp_int* pY)
|
||||
return err;
|
||||
}
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the private scalar generates the EC point (px, py), the point is
|
||||
* on the curve and the point has the correct order.
|
||||
*
|
||||
@@ -34762,14 +34756,11 @@ static const sp_point_521 p521_base = {
|
||||
/* infinity */
|
||||
0
|
||||
};
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER) || \
|
||||
defined(HAVE_COMP_KEY)
|
||||
static const sp_digit p521_b[9] = {
|
||||
0x3451fd46b503f00L,0x0f7e20f4b0d3c7bL,0x00bd3bb1bf07357L,0x147b1fa4dec594bL,
|
||||
0x18ef109e1561939L,0x26cc57cee2d2264L,0x0540eea2da725b9L,0x2687e4a688682daL,
|
||||
0x051953eb9618e1cL
|
||||
};
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_SP_SMALL
|
||||
/* Multiply a and b into r. (r = a * b)
|
||||
@@ -41311,7 +41302,6 @@ int sp_ecc_verify_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
|
||||
#endif /* WOLFSSL_SP_NONBLOCK */
|
||||
#endif /* HAVE_ECC_VERIFY */
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the x and y ordinates are a valid point on the curve.
|
||||
*
|
||||
* point EC point.
|
||||
@@ -41384,6 +41374,7 @@ int sp_ecc_is_point_521(const mp_int* pX, const mp_int* pY)
|
||||
return err;
|
||||
}
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the private scalar generates the EC point (px, py), the point is
|
||||
* on the curve and the point has the correct order.
|
||||
*
|
||||
@@ -51823,7 +51814,6 @@ int sp_Pairing_precomp_1024(const ecc_point* pm, const ecc_point* qm,
|
||||
}
|
||||
|
||||
#endif /* WOLFSSL_SP_SMALL */
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Read big endian unsigned byte array into r.
|
||||
*
|
||||
* r A single precision integer.
|
||||
@@ -51935,6 +51925,7 @@ int sp_ecc_is_point_1024(const mp_int* pX, const mp_int* pY)
|
||||
return err;
|
||||
}
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the private scalar generates the EC point (px, py), the point is
|
||||
* on the curve and the point has the correct order.
|
||||
*
|
||||
|
||||
@@ -32083,13 +32083,10 @@ static const sp_point_256 p256_base = {
|
||||
/* infinity */
|
||||
0
|
||||
};
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER) || \
|
||||
defined(HAVE_COMP_KEY)
|
||||
static const sp_digit p256_b[8] = {
|
||||
0x27d2604b,0x3bce3c3e,0xcc53b0f6,0x651d06b0,0x769886bc,0xb3ebbd55,
|
||||
0xaa3a93e7,0x5ac635d8
|
||||
};
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_SP_SMALL
|
||||
/* Multiply a and b into r. (r = a * b)
|
||||
@@ -42336,7 +42333,6 @@ int sp_ecc_verify_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
|
||||
#endif /* WOLFSSL_SP_NONBLOCK */
|
||||
#endif /* HAVE_ECC_VERIFY */
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the x and y ordinates are a valid point on the curve.
|
||||
*
|
||||
* point EC point.
|
||||
@@ -42409,6 +42405,7 @@ int sp_ecc_is_point_256(const mp_int* pX, const mp_int* pY)
|
||||
return err;
|
||||
}
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the private scalar generates the EC point (px, py), the point is
|
||||
* on the curve and the point has the correct order.
|
||||
*
|
||||
@@ -42836,13 +42833,10 @@ static const sp_point_384 p384_base = {
|
||||
/* infinity */
|
||||
0
|
||||
};
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER) || \
|
||||
defined(HAVE_COMP_KEY)
|
||||
static const sp_digit p384_b[12] = {
|
||||
0xd3ec2aef,0x2a85c8ed,0x8a2ed19d,0xc656398d,0x5013875a,0x0314088f,
|
||||
0xfe814112,0x181d9c6e,0xe3f82d19,0x988e056b,0xe23ee7e4,0xb3312fa7
|
||||
};
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_SP_SMALL
|
||||
/* Multiply a and b into r. (r = a * b)
|
||||
@@ -52491,7 +52485,6 @@ int sp_ecc_verify_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
|
||||
#endif /* WOLFSSL_SP_NONBLOCK */
|
||||
#endif /* HAVE_ECC_VERIFY */
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the x and y ordinates are a valid point on the curve.
|
||||
*
|
||||
* point EC point.
|
||||
@@ -52564,6 +52557,7 @@ int sp_ecc_is_point_384(const mp_int* pX, const mp_int* pY)
|
||||
return err;
|
||||
}
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the private scalar generates the EC point (px, py), the point is
|
||||
* on the curve and the point has the correct order.
|
||||
*
|
||||
@@ -53033,14 +53027,11 @@ static const sp_point_521 p521_base = {
|
||||
/* infinity */
|
||||
0
|
||||
};
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER) || \
|
||||
defined(HAVE_COMP_KEY)
|
||||
static const sp_digit p521_b[17] = {
|
||||
0x6b503f00,0xef451fd4,0x3d2c34f1,0x3573df88,0x3bb1bf07,0x1652c0bd,
|
||||
0xec7e937b,0x56193951,0x8ef109e1,0xb8b48991,0x99b315f3,0xa2da725b,
|
||||
0xb68540ee,0x929a21a0,0x8e1c9a1f,0x953eb961,0x00000051
|
||||
};
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_SP_SMALL
|
||||
/* Multiply a and b into r. (r = a * b)
|
||||
@@ -65955,7 +65946,6 @@ int sp_ecc_verify_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
|
||||
#endif /* WOLFSSL_SP_NONBLOCK */
|
||||
#endif /* HAVE_ECC_VERIFY */
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the x and y ordinates are a valid point on the curve.
|
||||
*
|
||||
* point EC point.
|
||||
@@ -66028,6 +66018,7 @@ int sp_ecc_is_point_521(const mp_int* pX, const mp_int* pY)
|
||||
return err;
|
||||
}
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the private scalar generates the EC point (px, py), the point is
|
||||
* on the curve and the point has the correct order.
|
||||
*
|
||||
@@ -82333,7 +82324,6 @@ int sp_Pairing_precomp_1024(const ecc_point* pm, const ecc_point* qm,
|
||||
}
|
||||
|
||||
#endif /* WOLFSSL_SP_SMALL */
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Read big endian unsigned byte array into r.
|
||||
*
|
||||
* r A single precision integer.
|
||||
@@ -82457,6 +82447,7 @@ int sp_ecc_is_point_1024(const mp_int* pX, const mp_int* pY)
|
||||
return err;
|
||||
}
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the private scalar generates the EC point (px, py), the point is
|
||||
* on the curve and the point has the correct order.
|
||||
*
|
||||
|
||||
@@ -7423,7 +7423,8 @@ static void _sp_div_2(const sp_int* a, sp_int* r)
|
||||
/* Last word only needs to be shifted down. */
|
||||
r->dp[i] = a->dp[i] >> 1;
|
||||
/* Set used to be all words seen. */
|
||||
r->used = (sp_size_t)(i + 1 - (int)((r->dp[i] - 1) >> (SP_WORD_SIZE - 1)));
|
||||
r->used = (sp_size_t)(i + 1 - (int)((sp_int_digit)(r->dp[i] - 1) >>
|
||||
(SP_WORD_SIZE - 1)));
|
||||
#ifdef WOLFSSL_SP_INT_NEGATIVE
|
||||
/* Same sign in result. */
|
||||
r->sign = a->sign;
|
||||
|
||||
@@ -7585,13 +7585,10 @@ static const sp_point_256 p256_base = {
|
||||
0
|
||||
};
|
||||
#endif /* WOLFSSL_SP_SMALL */
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER) || \
|
||||
defined(HAVE_COMP_KEY)
|
||||
static const sp_digit p256_b[4] = {
|
||||
0x3bce3c3e27d2604bL,0x651d06b0cc53b0f6L,0xb3ebbd55769886bcL,
|
||||
0x5ac635d8aa3a93e7L
|
||||
};
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
@@ -25685,7 +25682,6 @@ int sp_ecc_verify_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
|
||||
#endif /* WOLFSSL_SP_NONBLOCK */
|
||||
#endif /* HAVE_ECC_VERIFY */
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the x and y ordinates are a valid point on the curve.
|
||||
*
|
||||
* point EC point.
|
||||
@@ -25758,6 +25754,7 @@ int sp_ecc_is_point_256(const mp_int* pX, const mp_int* pY)
|
||||
return err;
|
||||
}
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the private scalar generates the EC point (px, py), the point is
|
||||
* on the curve and the point has the correct order.
|
||||
*
|
||||
@@ -26288,13 +26285,10 @@ static const sp_point_384 p384_base = {
|
||||
0
|
||||
};
|
||||
#endif /* WOLFSSL_SP_SMALL */
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER) || \
|
||||
defined(HAVE_COMP_KEY)
|
||||
static const sp_digit p384_b[6] = {
|
||||
0x2a85c8edd3ec2aefL,0xc656398d8a2ed19dL,0x0314088f5013875aL,
|
||||
0x181d9c6efe814112L,0x988e056be3f82d19L,0xb3312fa7e23ee7e4L
|
||||
};
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
@@ -50277,7 +50271,6 @@ int sp_ecc_verify_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
|
||||
#endif /* WOLFSSL_SP_NONBLOCK */
|
||||
#endif /* HAVE_ECC_VERIFY */
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the x and y ordinates are a valid point on the curve.
|
||||
*
|
||||
* point EC point.
|
||||
@@ -50350,6 +50343,7 @@ int sp_ecc_is_point_384(const mp_int* pX, const mp_int* pY)
|
||||
return err;
|
||||
}
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the private scalar generates the EC point (px, py), the point is
|
||||
* on the curve and the point has the correct order.
|
||||
*
|
||||
@@ -50944,14 +50938,11 @@ static const sp_point_521 p521_base = {
|
||||
0
|
||||
};
|
||||
#endif /* WOLFSSL_SP_SMALL */
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER) || \
|
||||
defined(HAVE_COMP_KEY)
|
||||
static const sp_digit p521_b[9] = {
|
||||
0xef451fd46b503f00L,0x3573df883d2c34f1L,0x1652c0bd3bb1bf07L,
|
||||
0x56193951ec7e937bL,0xb8b489918ef109e1L,0xa2da725b99b315f3L,
|
||||
0x929a21a0b68540eeL,0x953eb9618e1c9a1fL,0x0000000000000051L
|
||||
};
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
@@ -91071,7 +91062,6 @@ int sp_ecc_verify_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
|
||||
#endif /* WOLFSSL_SP_NONBLOCK */
|
||||
#endif /* HAVE_ECC_VERIFY */
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the x and y ordinates are a valid point on the curve.
|
||||
*
|
||||
* point EC point.
|
||||
@@ -91144,6 +91134,7 @@ int sp_ecc_is_point_521(const mp_int* pX, const mp_int* pY)
|
||||
return err;
|
||||
}
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the private scalar generates the EC point (px, py), the point is
|
||||
* on the curve and the point has the correct order.
|
||||
*
|
||||
@@ -103667,7 +103658,6 @@ int sp_Pairing_precomp_1024(const ecc_point* pm, const ecc_point* qm, mp_int* re
|
||||
return err;
|
||||
}
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
@@ -103780,6 +103770,7 @@ int sp_ecc_is_point_1024(const mp_int* pX, const mp_int* pY)
|
||||
return err;
|
||||
}
|
||||
|
||||
#if defined(HAVE_ECC_CHECK_KEY) || !defined(NO_ECC_CHECK_PUBKEY_ORDER)
|
||||
/* Check that the private scalar generates the EC point (px, py), the point is
|
||||
* on the curve and the point has the correct order.
|
||||
*
|
||||
|
||||
@@ -8593,10 +8593,12 @@ static int mldsa_sign_with_seed_mu(wc_MlDsaKey* key,
|
||||
const wc_MlDsaParams* params = key->params;
|
||||
const byte* pub_seed = key->k;
|
||||
const byte* k = pub_seed + MLDSA_PUB_SEED_SZ;
|
||||
#ifndef WOLFSSL_MLDSA_SIGN_SMALL_MEM_PRECALC
|
||||
const byte* tr = k + MLDSA_K_SZ;
|
||||
const byte* s1p = tr + MLDSA_TR_SZ;
|
||||
const byte* s2p = s1p + params->s1EncSz;
|
||||
const byte* t0p = s2p + params->s2EncSz;
|
||||
#endif
|
||||
const byte* mu = seedMu + MLDSA_RND_SZ;
|
||||
sword32* a = NULL;
|
||||
sword32* s1 = NULL;
|
||||
@@ -9027,8 +9029,8 @@ static int mldsa_sign_with_seed_mu(wc_MlDsaKey* key,
|
||||
}
|
||||
}
|
||||
if ((ret == 0) && valid) {
|
||||
const byte* t0pt = t0p;
|
||||
#ifndef WOLFSSL_MLDSA_SIGN_SMALL_MEM_PRECALC
|
||||
const byte* t0pt = t0p;
|
||||
const byte* s2pt = s2p;
|
||||
#endif
|
||||
sword32* cs2 = ct0;
|
||||
@@ -9112,7 +9114,9 @@ static int mldsa_sign_with_seed_mu(wc_MlDsaKey* key,
|
||||
#endif
|
||||
}
|
||||
|
||||
#ifndef WOLFSSL_MLDSA_SIGN_SMALL_MEM_PRECALC
|
||||
t0pt += MLDSA_D * MLDSA_N / 8;
|
||||
#endif
|
||||
w0t += MLDSA_N;
|
||||
w1t += MLDSA_N;
|
||||
}
|
||||
|
||||
+39
-24
@@ -8732,7 +8732,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hash_test(void)
|
||||
#endif
|
||||
WC_HASH_TYPE_NONE
|
||||
};
|
||||
int typesBad[] = { WC_HASH_TYPE_NONE, WC_HASH_TYPE_MAX + 1 };
|
||||
enum wc_HashType typesBad[] = { WC_HASH_TYPE_NONE };
|
||||
|
||||
enum wc_HashType typesHashBad[] = {
|
||||
#ifndef WOLFSSL_MD2
|
||||
@@ -13509,14 +13509,17 @@ out:
|
||||
Aes enc[1];
|
||||
#endif
|
||||
byte cipher[WC_AES_BLOCK_SIZE * 4];
|
||||
#ifdef HAVE_AES_DECRYPT
|
||||
/* dec and plain are used by the HAVE_AES_DECRYPT paths and are also passed to
|
||||
* aescfb_192_stream_test_0() (which ignores them when HAVE_AES_DECRYPT is not
|
||||
* defined). */
|
||||
#if defined(HAVE_AES_DECRYPT) || defined(WOLFSSL_AES_192)
|
||||
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
|
||||
Aes *dec = NULL;
|
||||
#else
|
||||
Aes dec[1];
|
||||
#endif
|
||||
byte plain [WC_AES_BLOCK_SIZE * 4];
|
||||
#endif
|
||||
byte plain[WC_AES_BLOCK_SIZE * 4];
|
||||
#endif /* HAVE_AES_DECRYPT || WOLFSSL_AES_192 */
|
||||
wc_test_ret_t ret = 0;
|
||||
|
||||
WOLFSSL_SMALL_STACK_STATIC const byte iv[] = {
|
||||
@@ -15255,12 +15258,10 @@ out:
|
||||
#else
|
||||
wc_AesFree(enc);
|
||||
#endif
|
||||
#ifdef HAVE_AES_DECRYPT
|
||||
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
|
||||
wc_AesDelete(dec, &dec);
|
||||
#else
|
||||
wc_AesFree(dec);
|
||||
#endif
|
||||
#endif
|
||||
return ret;
|
||||
}
|
||||
@@ -17562,10 +17563,12 @@ static wc_test_ret_t aes_xts_256_vector_test(XtsAes *aes)
|
||||
static wc_test_ret_t aes_xts_256_partial_test(XtsAes *aes)
|
||||
{
|
||||
wc_test_ret_t ret = 0;
|
||||
byte buf[WC_AES_BLOCK_SIZE * 3];
|
||||
byte cipher[WC_AES_BLOCK_SIZE * 3];
|
||||
#ifdef HAVE_AES_DECRYPT
|
||||
byte buf[WC_AES_BLOCK_SIZE * 3];
|
||||
#ifdef WOLFSSL_AESXTS_STREAM
|
||||
struct XtsAesStreamData stream;
|
||||
#endif
|
||||
#endif
|
||||
WOLFSSL_SMALL_STACK_STATIC const unsigned char k1[] = {
|
||||
0x1e, 0xa6, 0x61, 0xc5, 0x8d, 0x94, 0x3a, 0x0e,
|
||||
@@ -17587,6 +17590,7 @@ static wc_test_ret_t aes_xts_256_partial_test(XtsAes *aes)
|
||||
0x6f, 0xb3, 0x50, 0x39, 0x07, 0x90, 0x31, 0x1c,
|
||||
0x6e, 0x4b, 0x92, 0x01, 0x3e, 0x76, 0x8a, 0xd5
|
||||
};
|
||||
#ifdef HAVE_AES_DECRYPT
|
||||
WOLFSSL_SMALL_STACK_STATIC const unsigned char p1[] = {
|
||||
0x2e, 0xed, 0xea, 0x52, 0xcd, 0x82, 0x15, 0xe1,
|
||||
0xac, 0xc6, 0x47, 0xe8, 0x10, 0xbb, 0xc3, 0x64,
|
||||
@@ -17629,6 +17633,7 @@ static wc_test_ret_t aes_xts_256_partial_test(XtsAes *aes)
|
||||
0xe6, 0x6c, 0xdb, 0xb7, 0x9a, 0xb4, 0x28, 0x9b,
|
||||
0xc3, 0xea, 0xd8, 0x10, 0xe9, 0xc0, 0xaf, 0x92
|
||||
};
|
||||
#endif
|
||||
|
||||
/* partial block encryption test */
|
||||
XMEMSET(cipher, 0, sizeof(cipher));
|
||||
@@ -19057,8 +19062,9 @@ static wc_test_ret_t aesgcm_setiv_test(Aes* enc, Aes* dec)
|
||||
wc_FreeRng(&rng);
|
||||
#else
|
||||
(void)enc;
|
||||
(void)dec;
|
||||
#endif /* WOLFSSL_AES_256 && ... */
|
||||
|
||||
(void)dec;
|
||||
return ret;
|
||||
}
|
||||
|
||||
@@ -19306,13 +19312,17 @@ static wc_test_ret_t aesgcm_non12iv_test(Aes* enc, Aes* dec)
|
||||
0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
|
||||
0xba, 0x63, 0x7b, 0x39
|
||||
};
|
||||
#if defined(WOLFSSL_AES_192) || \
|
||||
(defined(WOLFSSL_AES_128) && defined(BENCH_AESGCM_LARGE))
|
||||
WOLFSSL_SMALL_STACK_STATIC const byte a[] =
|
||||
{
|
||||
0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
|
||||
0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
|
||||
0xab, 0xad, 0xda, 0xd2
|
||||
};
|
||||
#ifdef BENCH_AESGCM_LARGE
|
||||
#endif
|
||||
#if defined(BENCH_AESGCM_LARGE) && \
|
||||
(defined(WOLFSSL_AES_192) || defined(WOLFSSL_AES_128))
|
||||
WOLFSSL_SMALL_STACK_STATIC const byte iv1[] =
|
||||
{
|
||||
0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
|
||||
@@ -19402,7 +19412,8 @@ static wc_test_ret_t aesgcm_non12iv_test(Aes* enc, Aes* dec)
|
||||
byte resultT[sizeof(t1) + WC_AES_BLOCK_SIZE];
|
||||
byte resultP[sizeof(p) + WC_AES_BLOCK_SIZE];
|
||||
byte resultC[sizeof(p) + WC_AES_BLOCK_SIZE];
|
||||
#ifdef BENCH_AESGCM_LARGE
|
||||
#if defined(BENCH_AESGCM_LARGE) && \
|
||||
(defined(WOLFSSL_AES_192) || defined(WOLFSSL_AES_128))
|
||||
int alen = 0;
|
||||
#endif
|
||||
#if !defined(BENCH_EMBEDDED) && !defined(HAVE_CAVIUM)
|
||||
@@ -19781,6 +19792,7 @@ static wc_test_ret_t aesgcm_aes128_vector_test(Aes* enc, Aes* dec)
|
||||
#endif /* HAVE_AES_DECRYPT */
|
||||
|
||||
out:
|
||||
(void)dec;
|
||||
return ret;
|
||||
}
|
||||
#endif /* WOLFSSL_AES_128 && !WOLFSSL_AFALG_XILINX_AES */
|
||||
@@ -19829,7 +19841,6 @@ static wc_test_ret_t aesgcm_aes256_vector_test(Aes* enc, Aes* dec)
|
||||
0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
|
||||
0xde, 0xca, 0xf8, 0x88
|
||||
};
|
||||
#ifdef HAVE_AES_DECRYPT
|
||||
WOLFSSL_SMALL_STACK_STATIC const byte c1[] =
|
||||
{
|
||||
0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07,
|
||||
@@ -19841,7 +19852,6 @@ static wc_test_ret_t aesgcm_aes256_vector_test(Aes* enc, Aes* dec)
|
||||
0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a,
|
||||
0xbc, 0xc9, 0xf6, 0x62
|
||||
};
|
||||
#endif
|
||||
WOLFSSL_SMALL_STACK_STATIC const byte t1[] =
|
||||
{
|
||||
0x76, 0xfc, 0x6e, 0xce, 0x0f, 0x4e, 0x17, 0x68,
|
||||
@@ -19891,6 +19901,7 @@ static wc_test_ret_t aesgcm_aes256_vector_test(Aes* enc, Aes* dec)
|
||||
#endif /* HAVE_AES_DECRYPT */
|
||||
|
||||
out:
|
||||
(void)dec;
|
||||
return ret;
|
||||
}
|
||||
|
||||
@@ -19932,6 +19943,7 @@ static wc_test_ret_t aesgcm_aes256_large_test(Aes* enc, Aes* dec)
|
||||
0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
|
||||
0xde, 0xca, 0xf8, 0x88
|
||||
};
|
||||
#ifdef HAVE_AES_DECRYPT
|
||||
WOLFSSL_SMALL_STACK_STATIC const byte c1[] =
|
||||
{
|
||||
0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07,
|
||||
@@ -19943,6 +19955,7 @@ static wc_test_ret_t aesgcm_aes256_large_test(Aes* enc, Aes* dec)
|
||||
0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a,
|
||||
0xbc, 0xc9, 0xf6, 0x62
|
||||
};
|
||||
#endif
|
||||
WOLFSSL_SMALL_STACK_STATIC const byte t1[] =
|
||||
{
|
||||
0x76, 0xfc, 0x6e, 0xce, 0x0f, 0x4e, 0x17, 0x68,
|
||||
@@ -20184,6 +20197,7 @@ static wc_test_ret_t aesgcm_aes256_large_test(Aes* enc, Aes* dec)
|
||||
#if defined(WOLFSSL_XILINX_CRYPT_VERSAL)
|
||||
XFREE(large_aad, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#endif
|
||||
(void)dec;
|
||||
return ret;
|
||||
}
|
||||
#endif /* WOLFSSL_AES_256 */
|
||||
@@ -20962,7 +20976,9 @@ static wc_test_ret_t aesccm_128_large_test(Aes* enc)
|
||||
{
|
||||
0x89, 0xd8, 0xd2, 0x02, 0xc5, 0xcf, 0xae, 0xf4
|
||||
};
|
||||
#ifdef HAVE_AES_DECRYPT
|
||||
byte pl2[sizeof(pl)];
|
||||
#endif
|
||||
byte cl2[sizeof(cl)];
|
||||
byte tl2[sizeof(tl)];
|
||||
|
||||
@@ -52097,7 +52113,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t mlkem_test(void)
|
||||
#endif
|
||||
#endif
|
||||
#endif
|
||||
#if !defined(WOLFSSL_NO_MALLOC) && !defined(WOLFSSL_MLKEM_NO_MAKE_KEY)
|
||||
#if !defined(WOLFSSL_NO_MALLOC) && !defined(WC_NO_CONSTRUCTORS) && \
|
||||
!defined(WOLFSSL_MLKEM_NO_MAKE_KEY)
|
||||
MlKemKey *tmpKey = NULL;
|
||||
#endif
|
||||
int key_inited = 0;
|
||||
@@ -52285,7 +52302,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t mlkem_test(void)
|
||||
if (XMEMCMP(priv, priv2, testData[i][2]) != 0)
|
||||
ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
|
||||
|
||||
#if !defined(WOLFSSL_NO_MALLOC)
|
||||
#if !defined(WOLFSSL_NO_MALLOC) && !defined(WC_NO_CONSTRUCTORS)
|
||||
tmpKey = wc_MlKemKey_New(testData[i][0], HEAP_HINT, devId);
|
||||
if (tmpKey == NULL)
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
@@ -55708,25 +55725,21 @@ static wc_test_ret_t test_mldsa_decode_level(const byte* rawKey,
|
||||
{
|
||||
int ret = 0;
|
||||
#if !defined(WOLFSSL_MLDSA_NO_ASN1) && defined(WOLFSSL_ASN_TEMPLATE)
|
||||
/* Size the buffer to accommodate the largest encoded key size */
|
||||
const word32 maxDerSz = MLDSA_MAX_PRV_KEY_DER_SIZE;
|
||||
word32 derSz;
|
||||
word32 idx;
|
||||
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
|
||||
byte* der = NULL;
|
||||
#else
|
||||
byte der[MLDSA_MAX_PRV_KEY_DER_SIZE];
|
||||
#endif
|
||||
#endif
|
||||
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
|
||||
byte* der = NULL;
|
||||
wc_MlDsaKey *key = NULL;
|
||||
#else
|
||||
byte der[MLDSA_MAX_PRV_KEY_DER_SIZE];
|
||||
wc_MlDsaKey key[1];
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
|
||||
/* Allocate DER buffer */
|
||||
der = (byte*)XMALLOC(maxDerSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
der = (byte*)XMALLOC(MLDSA_MAX_PRV_KEY_DER_SIZE, HEAP_HINT,
|
||||
DYNAMIC_TYPE_TMP_BUFFER);
|
||||
key = (wc_MlDsaKey *)XMALLOC(sizeof(*key), HEAP_HINT,
|
||||
DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (der == NULL || key == NULL) {
|
||||
@@ -55762,12 +55775,14 @@ static wc_test_ret_t test_mldsa_decode_level(const byte* rawKey,
|
||||
if (ret == 0) {
|
||||
#ifdef WOLFSSL_MLDSA_PUBLIC_KEY
|
||||
if (isPublicOnlyKey) {
|
||||
ret = wc_MlDsaKey_PublicKeyToDer(key, der, maxDerSz, 1);
|
||||
ret = wc_MlDsaKey_PublicKeyToDer(key, der,
|
||||
MLDSA_MAX_PRV_KEY_DER_SIZE, 1);
|
||||
}
|
||||
#endif
|
||||
#ifdef WOLFSSL_MLDSA_PRIVATE_KEY
|
||||
if (!isPublicOnlyKey) {
|
||||
ret = wc_MlDsaKey_PrivateKeyToDer(key, der, maxDerSz);
|
||||
ret = wc_MlDsaKey_PrivateKeyToDer(key, der,
|
||||
MLDSA_MAX_PRV_KEY_DER_SIZE);
|
||||
}
|
||||
#endif
|
||||
if (ret >= 0) {
|
||||
|
||||
+2
-2
@@ -3462,11 +3462,11 @@ typedef struct PointFormat {
|
||||
|
||||
WOLFSSL_LOCAL int TLSX_SupportedCurve_Copy(TLSX* src, TLSX** dst, void* heap);
|
||||
WOLFSSL_LOCAL int TLSX_UseSupportedCurve(TLSX** extensions, word16 name,
|
||||
void* heap);
|
||||
void* heap, int side);
|
||||
|
||||
WOLFSSL_LOCAL int TLSX_UsePointFormat(TLSX** extensions, byte point,
|
||||
void* heap);
|
||||
WOLFSSL_LOCAL int TLSX_IsGroupSupported(int namedGroup);
|
||||
WOLFSSL_LOCAL int TLSX_IsGroupSupported(int namedGroup, int side);
|
||||
|
||||
#ifndef NO_WOLFSSL_SERVER
|
||||
WOLFSSL_LOCAL int TLSX_ValidateSupportedCurves(const WOLFSSL* ssl, byte first,
|
||||
|
||||
+42
-21
@@ -2545,13 +2545,52 @@ WOLFSSL_API WOLFSSL_ASN1_INTEGER* wolfSSL_d2i_ASN1_INTEGER(
|
||||
WOLFSSL_API int wolfSSL_i2d_ASN1_INTEGER(const WOLFSSL_ASN1_INTEGER* a,
|
||||
unsigned char** pp);
|
||||
|
||||
WOLFSSL_API int wolfSSL_ASN1_TIME_print(WOLFSSL_BIO* bio, const WOLFSSL_ASN1_TIME* asnTime);
|
||||
/* ASN1_TIME APIs */
|
||||
/* These ASN1_TIME APIs operate only on the object's stored data and do not
|
||||
* use system time, so they remain available when NO_ASN_TIME is defined. */
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
WOLFSSL_API int wolfSSL_ASN1_TIME_get_length(const WOLFSSL_ASN1_TIME *t);
|
||||
WOLFSSL_API unsigned char* wolfSSL_ASN1_TIME_get_data(const WOLFSSL_ASN1_TIME *t);
|
||||
WOLFSSL_API WOLFSSL_ASN1_TIME *wolfSSL_ASN1_TIME_to_generalizedtime(WOLFSSL_ASN1_TIME *t,
|
||||
WOLFSSL_ASN1_TIME **out);
|
||||
#endif
|
||||
#ifdef OPENSSL_EXTRA
|
||||
WOLFSSL_API WOLFSSL_ASN1_TIME* wolfSSL_ASN1_TIME_new(void);
|
||||
WOLFSSL_API void wolfSSL_ASN1_TIME_free(WOLFSSL_ASN1_TIME* t);
|
||||
WOLFSSL_API WOLFSSL_ASN1_TIME *wolfSSL_ASN1_TIME_set(WOLFSSL_ASN1_TIME *s, time_t t);
|
||||
WOLFSSL_API int wolfSSL_ASN1_TIME_set_string(WOLFSSL_ASN1_TIME *s, const char *str);
|
||||
#endif
|
||||
|
||||
/* These ASN1_TIME APIs use system time or call APIs that are disabled when
|
||||
* NO_ASN_TIME is defined. */
|
||||
#ifndef NO_ASN_TIME
|
||||
WOLFSSL_API int wolfSSL_ASN1_TIME_print(WOLFSSL_BIO* bio,
|
||||
const WOLFSSL_ASN1_TIME* asnTime);
|
||||
|
||||
WOLFSSL_API char* wolfSSL_ASN1_TIME_to_string(WOLFSSL_ASN1_TIME* t,
|
||||
char* buf, int len);
|
||||
#ifndef NO_ASN_TIME
|
||||
WOLFSSL_API int wolfSSL_ASN1_TIME_to_tm(const WOLFSSL_ASN1_TIME* asnTime, struct tm* tm);
|
||||
WOLFSSL_API int wolfSSL_ASN1_TIME_to_tm(const WOLFSSL_ASN1_TIME* asnTime,
|
||||
struct tm* tm);
|
||||
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
WOLFSSL_API WOLFSSL_ASN1_TIME* wolfSSL_ASN1_UTCTIME_set(WOLFSSL_ASN1_TIME *s,
|
||||
time_t t);
|
||||
#endif
|
||||
|
||||
#ifdef OPENSSL_EXTRA
|
||||
WOLFSSL_API WOLFSSL_ASN1_TIME* wolfSSL_ASN1_TIME_adj(WOLFSSL_ASN1_TIME* s,
|
||||
time_t t, int offset_day,
|
||||
long offset_sec);
|
||||
WOLFSSL_API int wolfSSL_ASN1_TIME_check(const WOLFSSL_ASN1_TIME* a);
|
||||
WOLFSSL_API int wolfSSL_ASN1_TIME_diff(int* days, int* secs, const WOLFSSL_ASN1_TIME* from,
|
||||
const WOLFSSL_ASN1_TIME* to);
|
||||
WOLFSSL_API int wolfSSL_ASN1_TIME_compare(const WOLFSSL_ASN1_TIME *a,
|
||||
const WOLFSSL_ASN1_TIME *b);
|
||||
WOLFSSL_API int wolfSSL_ASN1_TIME_set_string_X509(WOLFSSL_ASN1_TIME *t,
|
||||
const char *str);
|
||||
#endif
|
||||
#endif /* !NO_ASN_TIME */
|
||||
|
||||
WOLFSSL_API int wolfSSL_ASN1_INTEGER_cmp(const WOLFSSL_ASN1_INTEGER* a,
|
||||
const WOLFSSL_ASN1_INTEGER* b);
|
||||
WOLFSSL_API long wolfSSL_ASN1_INTEGER_get(const WOLFSSL_ASN1_INTEGER* a);
|
||||
@@ -2559,10 +2598,6 @@ WOLFSSL_API long wolfSSL_ASN1_INTEGER_get(const WOLFSSL_ASN1_INTEGER* a);
|
||||
#ifdef OPENSSL_EXTRA
|
||||
WOLFSSL_API WOLFSSL_BIGNUM *wolfSSL_ASN1_INTEGER_to_BN(const WOLFSSL_ASN1_INTEGER *ai,
|
||||
WOLFSSL_BIGNUM *bn);
|
||||
WOLFSSL_API WOLFSSL_ASN1_TIME* wolfSSL_ASN1_TIME_adj(WOLFSSL_ASN1_TIME* s, time_t t,
|
||||
int offset_day, long offset_sec);
|
||||
WOLFSSL_API WOLFSSL_ASN1_TIME* wolfSSL_ASN1_TIME_new(void);
|
||||
WOLFSSL_API void wolfSSL_ASN1_TIME_free(WOLFSSL_ASN1_TIME* t);
|
||||
#endif
|
||||
|
||||
WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509_NAME)* wolfSSL_load_client_CA_file(const char* fname);
|
||||
@@ -3369,15 +3404,6 @@ WOLFSSL_API int wolfSSL_ASN1_UTCTIME_print(WOLFSSL_BIO* bio,
|
||||
WOLFSSL_API int wolfSSL_ASN1_GENERALIZEDTIME_print(WOLFSSL_BIO* bio,
|
||||
const WOLFSSL_ASN1_GENERALIZEDTIME* asnTime);
|
||||
WOLFSSL_API void wolfSSL_ASN1_GENERALIZEDTIME_free(WOLFSSL_ASN1_GENERALIZEDTIME*);
|
||||
WOLFSSL_API int wolfSSL_ASN1_TIME_check(const WOLFSSL_ASN1_TIME* a);
|
||||
WOLFSSL_API int wolfSSL_ASN1_TIME_diff(int* days, int* secs, const WOLFSSL_ASN1_TIME* from,
|
||||
const WOLFSSL_ASN1_TIME* to);
|
||||
WOLFSSL_API int wolfSSL_ASN1_TIME_compare(const WOLFSSL_ASN1_TIME *a,
|
||||
const WOLFSSL_ASN1_TIME *b);
|
||||
WOLFSSL_API WOLFSSL_ASN1_TIME *wolfSSL_ASN1_TIME_set(WOLFSSL_ASN1_TIME *s, time_t t);
|
||||
WOLFSSL_API int wolfSSL_ASN1_TIME_set_string(WOLFSSL_ASN1_TIME *s, const char *str);
|
||||
WOLFSSL_API int wolfSSL_ASN1_TIME_set_string_X509(WOLFSSL_ASN1_TIME *t,
|
||||
const char *str);
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
|
||||
|
||||
@@ -6091,11 +6117,6 @@ WOLFSSL_API void wolfSSL_EC_POINT_dump(const char *msg, const WOLFSSL_EC_POINT *
|
||||
WOLFSSL_API const char *wolfSSL_ASN1_tag2str(int tag);
|
||||
WOLFSSL_API int wolfSSL_ASN1_STRING_print_ex(WOLFSSL_BIO *out, WOLFSSL_ASN1_STRING *str, unsigned long flags);
|
||||
WOLFSSL_API int wolfSSL_ASN1_STRING_print(WOLFSSL_BIO *out, WOLFSSL_ASN1_STRING *str);
|
||||
WOLFSSL_API int wolfSSL_ASN1_TIME_get_length(const WOLFSSL_ASN1_TIME *t);
|
||||
WOLFSSL_API unsigned char* wolfSSL_ASN1_TIME_get_data(const WOLFSSL_ASN1_TIME *t);
|
||||
WOLFSSL_API WOLFSSL_ASN1_TIME *wolfSSL_ASN1_TIME_to_generalizedtime(WOLFSSL_ASN1_TIME *t,
|
||||
WOLFSSL_ASN1_TIME **out);
|
||||
WOLFSSL_API WOLFSSL_ASN1_TIME* wolfSSL_ASN1_UTCTIME_set(WOLFSSL_ASN1_TIME *s, time_t t);
|
||||
WOLFSSL_API int wolfSSL_i2c_ASN1_INTEGER(WOLFSSL_ASN1_INTEGER *a, unsigned char **pp);
|
||||
WOLFSSL_API int wolfSSL_a2i_ASN1_INTEGER(WOLFSSL_BIO *bio, WOLFSSL_ASN1_INTEGER *asn1,
|
||||
char *buf, int size);
|
||||
|
||||
@@ -5253,6 +5253,13 @@ blinding by defining WC_BLINDING_NO_RNG_ACKNOWLEDGE_WEAKNESS."
|
||||
#undef WC_RNG_BANK_SUPPORT
|
||||
#endif
|
||||
|
||||
/* The OCSP responder time-stamps every response it generates (producedAt,
|
||||
* thisUpdate and, for revoked certs, revocationDate), so it needs ASN time
|
||||
* support. */
|
||||
#if defined(HAVE_OCSP_RESPONDER) && defined(NO_ASN_TIME)
|
||||
#undef HAVE_OCSP_RESPONDER
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_OCSP_RESPONDER
|
||||
#ifndef HAVE_OCSP
|
||||
#error "HAVE_OCSP_RESPONDER requires HAVE_OCSP"
|
||||
|
||||
Reference in New Issue
Block a user