mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-10 13:20:54 +02:00
Merge pull request #3522 from douzzer/cleanups-20201119
misc cleanups re sp-math-all, FIPS, smallstack
This commit is contained in:
+283
-272
@@ -196,7 +196,7 @@ AC_ARG_ENABLE([linuxkm-defaults],
|
||||
|
||||
if test "$ENABLED_LINUXKM_DEFAULTS" = "yes"
|
||||
then
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_DH_CONST -DWOLFSSL_SP_MOD_WORD_RP -DWOLFSSL_OLD_PRIME_CHECK -DWOLFSSL_SP_DIV_64 -DWOLFSSL_SP_DIV_WORD_HALF -DSP_HALF_SIZE=32 -DSP_HALF_MAX=4294967295U"
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_DH_CONST -DWOLFSSL_SP_MOD_WORD_RP -DWOLFSSL_OLD_PRIME_CHECK -DWOLFSSL_SP_DIV_64 -DWOLFSSL_SP_DIV_WORD_HALF"
|
||||
fi
|
||||
|
||||
AC_ARG_WITH([linux-source],
|
||||
@@ -241,30 +241,44 @@ fi
|
||||
if test "$ENABLED_LINUXKM_DEFAULTS" = "yes"
|
||||
then
|
||||
ENABLED_SP_DEFAULT=small
|
||||
ENABLED_SP_MATH_ALL_DEFAULT=small
|
||||
else
|
||||
ENABLED_SP_DEFAULT=no
|
||||
ENABLED_SP_MATH_ALL_DEFAULT=no
|
||||
fi
|
||||
|
||||
AC_ARG_ENABLE([sp],
|
||||
[AS_HELP_STRING([--enable-sp],[Enable Single Precision maths implementation (default: disabled)])],
|
||||
[ ENABLED_SP=$enableval ],
|
||||
[ ENABLED_SP=$ENABLED_SP_DEFAULT ],
|
||||
)
|
||||
|
||||
AC_ARG_ENABLE([sp-math-all],
|
||||
[AS_HELP_STRING([--enable-sp-math-all],[Enable Single Precision math implementation for full algorithm suite (default: disabled)])],
|
||||
[ ENABLED_SP_MATH_ALL=$enableval ],
|
||||
[ ENABLED_SP_MATH_ALL=$ENABLED_SP_MATH_ALL_DEFAULT ],
|
||||
)
|
||||
|
||||
# Single Precision maths exclusively (no fastmath)
|
||||
if test "$ENABLED_LINUXKM_DEFAULTS" = "yes" && test "$ENABLED_SP" != "no"
|
||||
if test "$ENABLED_LINUXKM_DEFAULTS" = "yes" && test "$ENABLED_SP" != "no" && test "$ENABLED_SP_MATH_ALL" = "no"
|
||||
then
|
||||
ENABLED_SP_MATH_DEFAULT=yes
|
||||
else
|
||||
ENABLED_SP_MATH_DEFAULT=no
|
||||
fi
|
||||
AC_ARG_ENABLE([sp-math],
|
||||
[AS_HELP_STRING([--enable-sp-math],[Enable Single Precision math implementation only (default: disabled)])],
|
||||
[AS_HELP_STRING([--enable-sp-math],[Enable Single Precision math implementation with restricted algorithm suite (default: disabled)])],
|
||||
[ ENABLED_SP_MATH=$enableval ],
|
||||
[ ENABLED_SP_MATH=$ENABLED_SP_MATH_DEFAULT ],
|
||||
)
|
||||
|
||||
|
||||
if test "$ENABLED_SP_MATH" != "no" && test "$ENABLED_SP_MATH_ALL" != "no"
|
||||
then
|
||||
AC_MSG_ERROR([cannot enable sp-math and sp-math-all simultaneously.])
|
||||
fi
|
||||
|
||||
|
||||
# ALL FEATURES
|
||||
AC_ARG_ENABLE([all],
|
||||
[AS_HELP_STRING([--enable-all],[Enable all wolfSSL features, except SSLv3 (default: disabled)])],
|
||||
@@ -273,101 +287,124 @@ AC_ARG_ENABLE([all],
|
||||
)
|
||||
if test "$ENABLED_ALL" = "yes"
|
||||
then
|
||||
enable_dtls=yes
|
||||
test "$enable_dtls" = "" && enable_dtls=yes
|
||||
if test "x$FIPS_VERSION" != "xv1"
|
||||
then
|
||||
enable_tls13=yes
|
||||
enable_rsapss=yes
|
||||
test "$enable_tls13" = "" && enable_tls13=yes
|
||||
test "$enable_rsapss" = "" && enable_rsapss=yes
|
||||
fi
|
||||
test "$enable_savesession" = "" && enable_savesession=yes
|
||||
test "$enable_savecert" = "" && enable_savecert=yes
|
||||
test "$enable_atomicuser" = "" && enable_atomicuser=yes
|
||||
test "$enable_pkcallbacks" = "" && enable_pkcallbacks=yes
|
||||
test "$enable_aesgcm" = "" && enable_aesgcm=yes
|
||||
test "$enable_aesccm" = "" && enable_aesccm=yes
|
||||
test "$enable_aesctr" = "" && enable_aesctr=yes
|
||||
test "$enable_aesofb" = "" && enable_aesofb=yes
|
||||
test "$enable_aescfb" = "" && enable_aescfb=yes
|
||||
test "$enable_camellia" = "" && enable_camellia=yes
|
||||
test "$enable_ripemd" = "" && enable_ripemd=yes
|
||||
test "$enable_sha512" = "" && enable_sha512=yes
|
||||
test "$enable_sha224" = "" && enable_sha224=yes
|
||||
test "$enable_sha3" = "" && enable_sha3=yes
|
||||
test "$enable_sessioncerts" = "" && enable_sessioncerts=yes
|
||||
test "$enable_keygen" = "" && enable_keygen=yes
|
||||
test "$enable_certgen" = "" && enable_certgen=yes
|
||||
test "$enable_certreq" = "" && enable_certreq=yes
|
||||
test "$enable_certext" = "" && enable_certext=yes
|
||||
test "$enable_sep" = "" && enable_sep=yes
|
||||
test "$enable_hkdf" = "" && enable_hkdf=yes
|
||||
test "$enable_curve25519" = "" && enable_curve25519=yes
|
||||
test "$enable_curve448" = "" && enable_curve448=yes
|
||||
test "$enable_fpecc" = "" && enable_fpecc=yes
|
||||
test "$enable_eccencrypt" = "" && enable_eccencrypt=yes
|
||||
test "$enable_psk" = "" && enable_psk=yes
|
||||
test "$enable_idea" = "" && enable_idea=yes
|
||||
test "$enable_cmac" = "" && enable_cmac=yes
|
||||
test "$enable_xts" = "" && enable_xts=yes
|
||||
test "$enable_webserver" = "" && enable_webserver=yes
|
||||
test "$enable_hc128" = "" && enable_hc128=yes
|
||||
test "$enable_rabbit" = "" && enable_rabbit=yes
|
||||
test "$enable_ocsp" = "" && enable_ocsp=yes
|
||||
test "$enable_ocspstapling" = "" && enable_ocspstapling=yes
|
||||
test "$enable_ocspstapling2" = "" && enable_ocspstapling2=yes
|
||||
test "$enable_crl" = "" && enable_crl=yes
|
||||
test "$enable_crl_monitor" = "" && enable_crl_monitor=yes
|
||||
test "$enable_sni" = "" && enable_sni=yes
|
||||
test "$enable_maxfragment" = "" && enable_maxfragment=yes
|
||||
test "$enable_alpn" = "" && enable_alpn=yes
|
||||
test "$enable_truncatedhmac" = "" && enable_truncatedhmac=yes
|
||||
test "$enable_trusted_ca" = "" && enable_trusted_ca=yes
|
||||
test "$enable_supportedcurves" = "" && enable_supportedcurves=yes
|
||||
test "$enable_session_ticket" = "" && enable_session_ticket=yes
|
||||
test "$enable_tlsx" = "" && enable_tlsx=yes
|
||||
test "$enable_ssh" = "" && enable_ssh=yes
|
||||
test "$enable_pwdbased" = "" && enable_pwdbased=yes
|
||||
test "$enable_aeskeywrap" = "" && enable_aeskeywrap=yes
|
||||
test "$enable_x963kdf" = "" && enable_x963kdf=yes
|
||||
test "$enable_scrypt" = "" && enable_scrypt=yes
|
||||
test "$enable_indef" = "" && enable_indef=yes
|
||||
test "$enable_enckeys" = "" && enable_enckeys=yes
|
||||
test "$enable_hashflags" = "" && enable_hashflags=yes
|
||||
test "$enable_defaultdhparams" = "" && enable_defaultdhparams=yes
|
||||
test "$enable_arc4" = "" && enable_arc4=yes
|
||||
test "$enable_des3" = "" && enable_des3=yes
|
||||
test "$enable_nullcipher" = "" && enable_nullcipher=yes
|
||||
test "$enable_blake2" = "" && enable_blake2=yes
|
||||
test "$enable_blake2s" = "" && enable_blake2s=yes
|
||||
test "$enable_md2" = "" && enable_md2=yes
|
||||
test "$enable_md4" = "" && enable_md4=yes
|
||||
test "$enable_postauth" = "" && enable_postauth=yes
|
||||
test "$enable_hrrcookie" = "" && enable_hrrcookie=yes
|
||||
test "$enable_cryptocb" = "" && enable_cryptocb=yes
|
||||
test "$enable_fallback_scsv" = "" && enable_fallback_scsv=yes
|
||||
test "$enable_anon" = "" && enable_anon=yes
|
||||
test "$enable_mcast" = "" && enable_mcast=yes
|
||||
|
||||
if test "$ENABLED_LINUXKM_DEFAULTS" != "yes"
|
||||
then
|
||||
test "$enable_compkey" = "" && enable_compkey=yes
|
||||
AM_CFLAGS="$AM_CFLAGS -DHAVE_CRL_IO -DHAVE_IO_TIMEOUT"
|
||||
fi
|
||||
|
||||
# sp-math is incompatible with opensslextra, ECC custom curves, and DSA.
|
||||
if test "$ENABLED_SP_MATH" = "no"
|
||||
then
|
||||
test "$enable_dsa" = "" && enable_dsa=yes
|
||||
test "$enable_ecccustcurves" = "" && enable_ecccustcurves=yes
|
||||
test "$enable_srp" = "" && enable_srp=yes
|
||||
# linuxkm is incompatible with opensslextra and its dependents.
|
||||
if test "$ENABLED_LINUXKM_DEFAULTS" != "yes"
|
||||
then
|
||||
if test "$ENABLED_FIPS" = "no"
|
||||
then
|
||||
test "$enable_openssh" = "" && enable_openssh=yes
|
||||
fi
|
||||
test "$enable_opensslextra" = "" && enable_opensslextra=yes
|
||||
test "$enable_opensslall" = "" && enable_opensslall=yes
|
||||
test "$enable_certservice" = "" && enable_certservice=yes
|
||||
test "$enable_jni" = "" && enable_jni=yes
|
||||
test "$enable_lighty" = "" && enable_lighty=yes
|
||||
test "$enable_haproxy" = "" && enable_haproxy=yes
|
||||
test "$enable_stunnel" = "" && enable_stunnel=yes
|
||||
test "$enable_nginx" = "" && enable_nginx=yes
|
||||
test "$enable_openvpn" = "" && enable_openvpn=yes
|
||||
test "$enable_asio" = "" && enable_asio=yes
|
||||
test "$enable_libwebsockets" = "" && enable_libwebsockets=yes
|
||||
test "$enable_qt" = "" && enable_qt=yes
|
||||
fi
|
||||
# Enable ECC Import checks
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_VALIDATE_ECC_IMPORT"
|
||||
fi
|
||||
|
||||
if test "$ENABLED_FIPS" = "no"
|
||||
then
|
||||
test "$enable_xchacha" = "" && enable_xchacha=yes
|
||||
test "$enable_scep" = "" && enable_scep=yes
|
||||
test "$enable_pkcs7" = "" && enable_pkcs7=yes
|
||||
test "$enable_ed25519" = "" && enable_ed25519=yes
|
||||
test "$enable_ed448" = "" && enable_ed448=yes
|
||||
fi
|
||||
enable_openssh=yes
|
||||
enable_opensslextra=yes
|
||||
enable_opensslall=yes
|
||||
enable_savesession=yes
|
||||
enable_savecert=yes
|
||||
enable_atomicuser=yes
|
||||
enable_pkcallbacks=yes
|
||||
enable_aesgcm=yes
|
||||
enable_aesccm=yes
|
||||
enable_aesctr=yes
|
||||
enable_aesofb=yes
|
||||
enable_aescfb=yes
|
||||
enable_camellia=yes
|
||||
enable_ripemd=yes
|
||||
enable_sha512=yes
|
||||
enable_sha224=yes
|
||||
enable_sha3=yes
|
||||
enable_sessioncerts=yes
|
||||
enable_keygen=yes
|
||||
enable_certgen=yes
|
||||
enable_certreq=yes
|
||||
enable_certext=yes
|
||||
enable_sep=yes
|
||||
enable_hkdf=yes
|
||||
enable_dsa=yes
|
||||
enable_ecccustcurves=yes
|
||||
enable_compkey=yes
|
||||
enable_curve25519=yes
|
||||
enable_curve448=yes
|
||||
enable_ed448=yes
|
||||
enable_ed25519=yes
|
||||
enable_fpecc=yes
|
||||
enable_eccencrypt=yes
|
||||
enable_psk=yes
|
||||
enable_idea=yes
|
||||
enable_cmac=yes
|
||||
enable_xts=yes
|
||||
enable_webserver=yes
|
||||
enable_hc128=yes
|
||||
enable_rabbit=yes
|
||||
enable_xchacha=yes
|
||||
enable_ocsp=yes
|
||||
enable_ocspstapling=yes
|
||||
enable_ocspstapling2=yes
|
||||
enable_crl=yes
|
||||
enable_crl_monitor=yes
|
||||
enable_sni=yes
|
||||
enable_maxfragment=yes
|
||||
enable_alpn=yes
|
||||
enable_truncatedhmac=yes
|
||||
enable_trusted_ca=yes
|
||||
enable_supportedcurves=yes
|
||||
enable_session_ticket=yes
|
||||
enable_tlsx=yes
|
||||
enable_pkcs7=yes
|
||||
enable_ssh=yes
|
||||
enable_scep=yes
|
||||
enable_srp=yes
|
||||
enable_certservice=yes
|
||||
enable_jni=yes
|
||||
enable_lighty=yes
|
||||
enable_haproxy=yes
|
||||
enable_stunnel=yes
|
||||
enable_nginx=yes
|
||||
enable_openvpn=yes
|
||||
enable_asio=yes
|
||||
enable_libwebsockets=yes
|
||||
enable_qt=yes
|
||||
enable_pwdbased=yes
|
||||
enable_aeskeywrap=yes
|
||||
enable_x963kdf=yes
|
||||
enable_scrypt=yes
|
||||
enable_indef=yes
|
||||
enable_enckeys=yes
|
||||
enable_hashflags=yes
|
||||
enable_defaultdhparams=yes
|
||||
enable_arc4=yes
|
||||
enable_des3=yes
|
||||
enable_nullcipher=yes
|
||||
enable_blake2=yes
|
||||
enable_blake2s=yes
|
||||
enable_md2=yes
|
||||
enable_md4=yes
|
||||
enable_postauth=yes
|
||||
enable_hrrcookie=yes
|
||||
enable_cryptocb=yes
|
||||
enable_fallback_scsv=yes
|
||||
enable_anon=yes
|
||||
enable_mcast=yes
|
||||
|
||||
# Enable DH const table speedups (eliminates `-lm` math lib dependency)
|
||||
AM_CFLAGS="$AM_CFLAGS -DHAVE_FFDHE_2048 -DHAVE_FFDHE_3072 -DFP_MAX_BITS=8192"
|
||||
@@ -380,42 +417,6 @@ then
|
||||
|
||||
# Enable ECC Key Gen checks
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_VALIDATE_ECC_KEYGEN"
|
||||
|
||||
if test "$ENABLED_LINUXKM_DEFAULTS" != "yes"
|
||||
then
|
||||
AM_CFLAGS="$AM_CFLAGS -DHAVE_CRL_IO -DHAVE_IO_TIMEOUT"
|
||||
fi
|
||||
|
||||
if test "$ENABLED_SP_MATH" = "no"
|
||||
then
|
||||
# Enable ECC Import checks
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_VALIDATE_ECC_IMPORT"
|
||||
else
|
||||
# sp-math is incompatible with opensslextra, ECC custom curves, and DSA:
|
||||
|
||||
enable_openssh=no
|
||||
enable_opensslextra=no
|
||||
enable_opensslall=no
|
||||
enable_dsa=no
|
||||
enable_ecccustcurves=no
|
||||
enable_srp=no
|
||||
enable_certservice=no
|
||||
enable_jni=no
|
||||
enable_lighty=no
|
||||
enable_haproxy=no
|
||||
enable_stunnel=no
|
||||
enable_nginx=no
|
||||
enable_apachehttpd=no
|
||||
enable_openvpn=no
|
||||
enable_asio=no
|
||||
enable_libwebsockets=no
|
||||
enable_qt=no
|
||||
fi
|
||||
|
||||
if test "$ENABLED_LINUXKM_DEFAULTS" = "yes"
|
||||
then
|
||||
enable_compkey=no
|
||||
fi
|
||||
fi
|
||||
|
||||
|
||||
@@ -427,66 +428,79 @@ AC_ARG_ENABLE([all-crypto],
|
||||
)
|
||||
if test "$ENABLED_ALL_CRYPT" = "yes"
|
||||
then
|
||||
enable_atomicuser=yes
|
||||
enable_pkcallbacks=yes
|
||||
enable_aesgcm=yes
|
||||
enable_aesccm=yes
|
||||
enable_aesctr=yes
|
||||
enable_aesofb=yes
|
||||
enable_aescfb=yes
|
||||
enable_camellia=yes
|
||||
enable_ripemd=yes
|
||||
enable_sha512=yes
|
||||
enable_sha224=yes
|
||||
enable_sha3=yes
|
||||
enable_sessioncerts=yes
|
||||
enable_keygen=yes
|
||||
enable_certgen=yes
|
||||
enable_certreq=yes
|
||||
enable_certext=yes
|
||||
enable_sep=yes
|
||||
enable_hkdf=yes
|
||||
enable_curve25519=yes
|
||||
enable_curve448=yes
|
||||
enable_ed448=yes
|
||||
enable_ed25519=yes
|
||||
enable_fpecc=yes
|
||||
enable_eccencrypt=yes
|
||||
enable_psk=yes
|
||||
enable_idea=yes
|
||||
enable_cmac=yes
|
||||
enable_xts=yes
|
||||
enable_hc128=yes
|
||||
enable_rabbit=yes
|
||||
enable_xchacha=yes
|
||||
enable_ocsp=yes
|
||||
enable_ocspstapling=yes
|
||||
enable_ocspstapling2=yes
|
||||
enable_crl=yes
|
||||
enable_supportedcurves=yes
|
||||
enable_tlsx=yes
|
||||
enable_pkcs7=yes
|
||||
enable_pwdbased=yes
|
||||
enable_aeskeywrap=yes
|
||||
enable_x963kdf=yes
|
||||
enable_scrypt=yes
|
||||
enable_indef=yes
|
||||
enable_enckeys=yes
|
||||
enable_hashflags=yes
|
||||
enable_defaultdhparams=yes
|
||||
enable_arc4=yes
|
||||
enable_des3=yes
|
||||
enable_nullcipher=yes
|
||||
enable_blake2=yes
|
||||
enable_blake2s=yes
|
||||
enable_md2=yes
|
||||
enable_md4=yes
|
||||
enable_cryptocb=yes
|
||||
enable_anon=yes
|
||||
test "$enable_atomicuser" = "" && enable_atomicuser=yes
|
||||
test "$enable_pkcallbacks" = "" && enable_pkcallbacks=yes
|
||||
test "$enable_aesgcm" = "" && enable_aesgcm=yes
|
||||
test "$enable_aesccm" = "" && enable_aesccm=yes
|
||||
test "$enable_aesctr" = "" && enable_aesctr=yes
|
||||
test "$enable_aesofb" = "" && enable_aesofb=yes
|
||||
test "$enable_aescfb" = "" && enable_aescfb=yes
|
||||
test "$enable_camellia" = "" && enable_camellia=yes
|
||||
test "$enable_ripemd" = "" && enable_ripemd=yes
|
||||
test "$enable_sha512" = "" && enable_sha512=yes
|
||||
test "$enable_sha224" = "" && enable_sha224=yes
|
||||
test "$enable_sha3" = "" && enable_sha3=yes
|
||||
test "$enable_sessioncerts" = "" && enable_sessioncerts=yes
|
||||
test "$enable_keygen" = "" && enable_keygen=yes
|
||||
test "$enable_certgen" = "" && enable_certgen=yes
|
||||
test "$enable_certreq" = "" && enable_certreq=yes
|
||||
test "$enable_certext" = "" && enable_certext=yes
|
||||
test "$enable_sep" = "" && enable_sep=yes
|
||||
test "$enable_hkdf" = "" && enable_hkdf=yes
|
||||
test "$enable_curve25519" = "" && enable_curve25519=yes
|
||||
test "$enable_curve448" = "" && enable_curve448=yes
|
||||
test "$enable_fpecc" = "" && enable_fpecc=yes
|
||||
test "$enable_eccencrypt" = "" && enable_eccencrypt=yes
|
||||
test "$enable_psk" = "" && enable_psk=yes
|
||||
test "$enable_idea" = "" && enable_idea=yes
|
||||
test "$enable_cmac" = "" && enable_cmac=yes
|
||||
test "$enable_xts" = "" && enable_xts=yes
|
||||
test "$enable_hc128" = "" && enable_hc128=yes
|
||||
test "$enable_rabbit" = "" && enable_rabbit=yes
|
||||
test "$enable_ocsp" = "" && enable_ocsp=yes
|
||||
test "$enable_ocspstapling" = "" && enable_ocspstapling=yes
|
||||
test "$enable_ocspstapling2" = "" && enable_ocspstapling2=yes
|
||||
test "$enable_crl" = "" && enable_crl=yes
|
||||
test "$enable_supportedcurves" = "" && enable_supportedcurves=yes
|
||||
test "$enable_tlsx" = "" && enable_tlsx=yes
|
||||
test "$enable_pwdbased" = "" && enable_pwdbased=yes
|
||||
test "$enable_aeskeywrap" = "" && enable_aeskeywrap=yes
|
||||
test "$enable_x963kdf" = "" && enable_x963kdf=yes
|
||||
test "$enable_scrypt" = "" && enable_scrypt=yes
|
||||
test "$enable_indef" = "" && enable_indef=yes
|
||||
test "$enable_enckeys" = "" && enable_enckeys=yes
|
||||
test "$enable_hashflags" = "" && enable_hashflags=yes
|
||||
test "$enable_defaultdhparams" = "" && enable_defaultdhparams=yes
|
||||
test "$enable_arc4" = "" && enable_arc4=yes
|
||||
test "$enable_des3" = "" && enable_des3=yes
|
||||
test "$enable_nullcipher" = "" && enable_nullcipher=yes
|
||||
test "$enable_blake2" = "" && enable_blake2=yes
|
||||
test "$enable_blake2s" = "" && enable_blake2s=yes
|
||||
test "$enable_md2" = "" && enable_md2=yes
|
||||
test "$enable_md4" = "" && enable_md4=yes
|
||||
test "$enable_cryptocb" = "" && enable_cryptocb=yes
|
||||
test "$enable_anon" = "" && enable_anon=yes
|
||||
|
||||
if test "$ENABLED_LINUXKM_DEFAULTS" != "yes"
|
||||
then
|
||||
enable_compkey=yes
|
||||
test "$enable_compkey" = "" && enable_compkey=yes
|
||||
fi
|
||||
|
||||
if test "$ENABLED_SP_MATH" = "no"
|
||||
then
|
||||
test "$enable_dsa" = "" && enable_dsa=yes
|
||||
test "$enable_ecccustcurves" = "" && enable_ecccustcurves=yes
|
||||
|
||||
# Enable ECC Import checks
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_VALIDATE_ECC_IMPORT"
|
||||
fi
|
||||
|
||||
if test "$ENABLED_FIPS" != "yes"
|
||||
then
|
||||
test "$enable_xchacha" = "" && enable_xchacha=yes
|
||||
test "$enable_ed25519" = "" && enable_ed25519=yes
|
||||
test "$enable_ed448" = "" && enable_ed448=yes
|
||||
test "$enable_pkcs7" = "" && enable_pkcs7=yes
|
||||
fi
|
||||
|
||||
# Enable AES Decrypt, AES ECB, Alt Names, DER Load
|
||||
@@ -501,14 +515,6 @@ then
|
||||
# Enable ECC Key Gen checks
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_VALIDATE_ECC_KEYGEN"
|
||||
|
||||
if test "$ENABLED_SP_MATH" = "no"
|
||||
then
|
||||
enable_dsa=yes
|
||||
enable_ecccustcurves=yes
|
||||
|
||||
# Enable ECC Import checks
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_VALIDATE_ECC_IMPORT"
|
||||
fi
|
||||
fi
|
||||
|
||||
|
||||
@@ -3696,16 +3702,10 @@ fi
|
||||
|
||||
|
||||
# Small Stack - Cache on object
|
||||
if test "$ENABLED_LINUXKM_DEFAULTS" = "yes"
|
||||
then
|
||||
ENABLED_SMALL_STACK_CACHE_DEFAULT=yes
|
||||
else
|
||||
ENABLED_SMALL_STACK_CACHE_DEFAULT=no
|
||||
fi
|
||||
AC_ARG_ENABLE([smallstackcache],
|
||||
[AS_HELP_STRING([--enable-smallstackcache],[Enable Small Stack Usage Caching (default: disabled)])],
|
||||
[ ENABLED_SMALL_STACK_CACHE=$enableval ],
|
||||
[ ENABLED_SMALL_STACK_CACHE=$ENABLED_SMALL_STACK_CACHE_DEFAULT ]
|
||||
[ ENABLED_SMALL_STACK_CACHE=no ]
|
||||
)
|
||||
|
||||
if test "x$ENABLED_SMALL_STACK_CACHE" = "xyes"
|
||||
@@ -4891,63 +4891,6 @@ if test "$ENABLED_SMALL" = "yes"; then
|
||||
fi
|
||||
|
||||
|
||||
AC_ARG_ENABLE([sp-asm],
|
||||
[AS_HELP_STRING([--enable-sp-asm],[Enable Single Precision assembly implementation (default: disabled)])],
|
||||
[ ENABLED_SP_ASM=$enableval ],
|
||||
[ ENABLED_SP_ASM=no ],
|
||||
)
|
||||
if test "$ENABLED_SP_ASM" = "yes"; then
|
||||
if test "$ENABLED_SP" = "no"; then
|
||||
AC_MSG_ERROR([Must have SP enabled: --enable-sp])
|
||||
fi
|
||||
if test "$ENABLED_SP_NONBLOCK" = "yes"; then
|
||||
AC_MSG_ERROR([SP non-blocking not supported with sp-asm])
|
||||
fi
|
||||
if test "$ENABLED_ASM" = "no"; then
|
||||
AC_MSG_ERROR([Assembly code turned off])
|
||||
fi
|
||||
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_ASM"
|
||||
AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_SP_ASM"
|
||||
case $host_cpu in
|
||||
*aarch64*)
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_ARM64_ASM"
|
||||
AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_SP_ARM64_ASM"
|
||||
ENABLED_SP_ARM64_ASM=yes
|
||||
;;
|
||||
*arm*)
|
||||
if test $host_alias = "thumb"; then
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_ARM_THUMB_ASM"
|
||||
AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_SP_ARM_THUMB_ASM"
|
||||
ENABLED_SP_ARM_THUMB_ASM=yes
|
||||
else
|
||||
if test $host_alias = "cortex"; then
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_ARM_CORTEX_M_ASM"
|
||||
AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_SP_ARM_CORTEX_M_ASM"
|
||||
ENABLED_SP_ARM_CORTEX_ASM=yes
|
||||
else
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_ARM32_ASM"
|
||||
AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_SP_ARM32_ASM"
|
||||
ENABLED_SP_ARM32_ASM=yes
|
||||
fi
|
||||
fi
|
||||
;;
|
||||
*x86_64*)
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_X86_64_ASM"
|
||||
AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_SP_X86_64_ASM"
|
||||
ENABLED_SP_X86_64_ASM=yes
|
||||
if test "x$ENABLED_FASTMATH" = "xno"
|
||||
then
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_X86_64_BUILD"
|
||||
fi
|
||||
;;
|
||||
*)
|
||||
AC_MSG_ERROR([ASM not available for CPU. Supported CPUs: x86_64, aarch64, arm])
|
||||
;;
|
||||
esac
|
||||
|
||||
fi
|
||||
|
||||
if test "$ENABLED_SP_MATH" = "yes"; then
|
||||
if test "$ENABLED_SP" = "no"; then
|
||||
AC_MSG_ERROR([Must have SP enabled: --enable-sp])
|
||||
@@ -4975,11 +4918,6 @@ if test "$ENABLED_SP_MATH" = "yes"; then
|
||||
ENABLED_SLOWMATH="no"
|
||||
fi
|
||||
|
||||
AC_ARG_ENABLE([sp-math-all],
|
||||
[AS_HELP_STRING([--enable-sp-math],[Enable Single Precision math implementation only (default: disabled)])],
|
||||
[ ENABLED_SP_MATH_ALL=$enableval ],
|
||||
[ ENABLED_SP_MATH_ALL=no ],
|
||||
)
|
||||
for v in `echo $ENABLED_SP_MATH_ALL | tr "," " "`
|
||||
do
|
||||
case $v in
|
||||
@@ -5061,10 +4999,70 @@ if test "$ENABLED_SP_MATH_ALL" = "yes"; then
|
||||
esac
|
||||
fi
|
||||
|
||||
|
||||
AC_ARG_ENABLE([sp-asm],
|
||||
[AS_HELP_STRING([--enable-sp-asm],[Enable Single Precision assembly implementation (default: disabled)])],
|
||||
[ ENABLED_SP_ASM=$enableval ],
|
||||
[ ENABLED_SP_ASM=no ],
|
||||
)
|
||||
if test "$ENABLED_SP_ASM" = "yes"; then
|
||||
if test "$ENABLED_SP" = "no"; then
|
||||
AC_MSG_ERROR([Must have SP enabled: --enable-sp])
|
||||
fi
|
||||
if test "$ENABLED_SP_NONBLOCK" = "yes"; then
|
||||
AC_MSG_ERROR([SP non-blocking not supported with sp-asm])
|
||||
fi
|
||||
if test "$ENABLED_ASM" = "no"; then
|
||||
AC_MSG_ERROR([Assembly code turned off])
|
||||
fi
|
||||
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_ASM"
|
||||
AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_SP_ASM"
|
||||
case $host_cpu in
|
||||
*aarch64*)
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_ARM64_ASM"
|
||||
AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_SP_ARM64_ASM"
|
||||
ENABLED_SP_ARM64_ASM=yes
|
||||
;;
|
||||
*arm*)
|
||||
if test $host_alias = "thumb"; then
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_ARM_THUMB_ASM"
|
||||
AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_SP_ARM_THUMB_ASM"
|
||||
ENABLED_SP_ARM_THUMB_ASM=yes
|
||||
else
|
||||
if test $host_alias = "cortex"; then
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_ARM_CORTEX_M_ASM"
|
||||
AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_SP_ARM_CORTEX_M_ASM"
|
||||
ENABLED_SP_ARM_CORTEX_ASM=yes
|
||||
else
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_ARM32_ASM"
|
||||
AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_SP_ARM32_ASM"
|
||||
ENABLED_SP_ARM32_ASM=yes
|
||||
fi
|
||||
fi
|
||||
;;
|
||||
*x86_64*)
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_X86_64_ASM"
|
||||
AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_SP_X86_64_ASM"
|
||||
ENABLED_SP_X86_64_ASM=yes
|
||||
if test "x$ENABLED_FASTMATH" = "xno"
|
||||
then
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_X86_64_BUILD"
|
||||
fi
|
||||
;;
|
||||
*)
|
||||
AC_MSG_ERROR([ASM not available for CPU. Supported CPUs: x86_64, aarch64, arm])
|
||||
;;
|
||||
esac
|
||||
|
||||
fi
|
||||
|
||||
|
||||
if test "$ENABLED_SP_MATH" = "yes"; then
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_MATH"
|
||||
fi
|
||||
|
||||
|
||||
# Fast RSA using Intel IPP
|
||||
ippdir="${srcdir}/IPP"
|
||||
ipplib="lib" # if autoconf guesses 32bit system changes lib directory
|
||||
@@ -5848,8 +5846,8 @@ if test "x$ENABLED_LINUXKM" = "xyes"; then
|
||||
if test "$ENABLED_SMALL_STACK" != "yes"; then
|
||||
AC_MSG_ERROR([--enable-smallstack is required for --enable-linuxkm.])
|
||||
fi
|
||||
if test "$ENABLED_SP_MATH" = "no"; then
|
||||
AC_MSG_ERROR([--enable-sp-math is required for --enable-linuxkm.])
|
||||
if test "$ENABLED_SP_MATH" = "no" && test "$ENABLED_SP_MATH_ALL" = "no"; then
|
||||
AC_MSG_ERROR([--enable-sp-math or --enable-sp-math-all is required for --enable-linuxkm.])
|
||||
fi
|
||||
if test "$ENABLED_STACKSIZE" = "yes"; then
|
||||
AC_MSG_ERROR([--enable-stacksize is incompatible with --enable-linuxkm.])
|
||||
@@ -5986,10 +5984,10 @@ AM_CONDITIONAL([BUILD_NO_LIBRARY],[test "$ENABLED_NO_LIBRARY" = "yes"])
|
||||
AM_CONDITIONAL([BUILD_RC2],[test "x$ENABLED_RC2" = "xyes"])
|
||||
|
||||
if test "$ax_enable_debug" = "yes" ||
|
||||
test "$ENABLED_STACKSIZE" = "yes" ||
|
||||
(test "$ENABLED_LEANTLS" = "no" &&
|
||||
test "$ENABLED_LEANPSK" = "no" &&
|
||||
test "$ENABLED_LOWRESOURCE" = "no")
|
||||
test "$ENABLED_STACKSIZE" = "yes" ||
|
||||
(test "$ENABLED_LEANTLS" = "no" &&
|
||||
test "$ENABLED_LEANPSK" = "no" &&
|
||||
test "$ENABLED_LOWRESOURCE" = "no")
|
||||
then
|
||||
AM_CFLAGS="$AM_CFLAGS -DHAVE_WC_INTROSPECTION"
|
||||
fi
|
||||
@@ -6145,6 +6143,11 @@ echo " * make -j: $enable_jobserver"
|
||||
echo " * VCS checkout: $ac_cv_vcs_checkout"
|
||||
echo
|
||||
echo " Features "
|
||||
if test "$ENABLED_FIPS" = "yes"; then
|
||||
echo " * FIPS: $FIPS_VERSION"
|
||||
else
|
||||
echo " * FIPS: $ENABLED_FIPS"
|
||||
fi
|
||||
echo " * Single threaded: $ENABLED_SINGLETHREADED"
|
||||
echo " * Filesystem: $ENABLED_FILESYSTEM"
|
||||
echo " * OpenSSH Build: $ENABLED_OPENSSH"
|
||||
@@ -6282,7 +6285,15 @@ echo " * Stack sizes in tests: $ENABLED_STACKSIZE"
|
||||
echo " * User Crypto: $ENABLED_USER_CRYPTO"
|
||||
echo " * Fast RSA: $ENABLED_FAST_RSA"
|
||||
echo " * Single Precision: $ENABLED_SP"
|
||||
echo " * SP math implementation: $ENABLED_SP_MATH_ALL"
|
||||
if test "$ENABLED_SP_MATH_ALL" != "no"
|
||||
then
|
||||
echo " * SP math implementation: all"
|
||||
elif test "$ENABLED_SP_MATH" != "no"
|
||||
then
|
||||
echo " * SP math implementation: restricted"
|
||||
else
|
||||
echo " * SP math implementation: no"
|
||||
fi
|
||||
echo " * Async Crypto: $ENABLED_ASYNCCRYPT"
|
||||
echo " * PKCS#11: $ENABLED_PKCS11"
|
||||
echo " * PKCS#12: $ENABLED_PKCS12"
|
||||
|
||||
@@ -11,7 +11,7 @@
|
||||
_Example_
|
||||
\code
|
||||
Sha256 sha256[1];
|
||||
if ((ret = wc_InitSha356(sha256)) != 0) {
|
||||
if ((ret = wc_InitSha256(sha256)) != 0) {
|
||||
WOLFSSL_MSG("wc_InitSha256 failed");
|
||||
}
|
||||
else {
|
||||
@@ -76,7 +76,7 @@ WOLFSSL_API int wc_Sha256Update(wc_Sha256*, const byte*, word32);
|
||||
byte data[] = { Data to be hashed };
|
||||
word32 len = sizeof(data);
|
||||
|
||||
if ((ret = wc_InitSha356(sha256)) != 0) {
|
||||
if ((ret = wc_InitSha256(sha256)) != 0) {
|
||||
WOLFSSL_MSG("wc_InitSha256 failed");
|
||||
}
|
||||
else {
|
||||
@@ -137,7 +137,7 @@ WOLFSSL_API void wc_Sha256Free(wc_Sha256*);
|
||||
_Example_
|
||||
\code
|
||||
Sha256 sha256[1];
|
||||
if ((ret = wc_InitSha356(sha256)) != 0) {
|
||||
if ((ret = wc_InitSha256(sha256)) != 0) {
|
||||
WOLFSSL_MSG("wc_InitSha256 failed");
|
||||
}
|
||||
else {
|
||||
|
||||
+2
-2
@@ -351,7 +351,7 @@ static word32 GetEntropy(unsigned char* out, word32 num_bytes)
|
||||
static void* myAlloc(void* opaque, unsigned int item, unsigned int size)
|
||||
{
|
||||
(void)opaque;
|
||||
return XMALLOC(item * size, opaque, DYNAMIC_TYPE_LIBZ);
|
||||
return (void *)XMALLOC(item * size, opaque, DYNAMIC_TYPE_LIBZ);
|
||||
}
|
||||
|
||||
|
||||
@@ -6052,7 +6052,7 @@ int AllocKey(WOLFSSL* ssl, int type, void** pKey)
|
||||
}
|
||||
|
||||
/* Allocate memory for key */
|
||||
*pKey = XMALLOC(sz, ssl->heap, type);
|
||||
*pKey = (void *)XMALLOC(sz, ssl->heap, type);
|
||||
if (*pKey == NULL) {
|
||||
return MEMORY_E;
|
||||
}
|
||||
|
||||
@@ -29045,7 +29045,7 @@ void *wolfSSL_ASN1_item_new(const WOLFSSL_ASN1_ITEM *tpl)
|
||||
if (!tpl) {
|
||||
return NULL;
|
||||
}
|
||||
if (!(ret = XMALLOC(tpl->size, NULL, DYNAMIC_TYPE_OPENSSL))) {
|
||||
if (!(ret = (void *)XMALLOC(tpl->size, NULL, DYNAMIC_TYPE_OPENSSL))) {
|
||||
return NULL;
|
||||
}
|
||||
XMEMSET(ret, 0, tpl->size);
|
||||
@@ -30353,7 +30353,7 @@ WOLFSSL_RSA* wolfSSL_RSA_generate_key(int len, unsigned long e,
|
||||
return NULL;
|
||||
}
|
||||
|
||||
if (wolfSSL_BN_set_word(bn, (WOLFSSL_BN_ULONG)e) != WOLFSSL_SUCCESS) {
|
||||
if (wolfSSL_BN_set_word(bn, e) != WOLFSSL_SUCCESS) {
|
||||
WOLFSSL_MSG("Error using e value");
|
||||
wolfSSL_BN_free(bn);
|
||||
return NULL;
|
||||
@@ -31817,7 +31817,7 @@ void wolfSSL_OPENSSL_free(void* p)
|
||||
|
||||
void *wolfSSL_OPENSSL_malloc(size_t a)
|
||||
{
|
||||
return XMALLOC(a, NULL, DYNAMIC_TYPE_OPENSSL);
|
||||
return (void *)XMALLOC(a, NULL, DYNAMIC_TYPE_OPENSSL);
|
||||
}
|
||||
|
||||
int wolfSSL_OPENSSL_init_ssl(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings)
|
||||
@@ -46279,17 +46279,30 @@ int wolfSSL_BN_is_odd(const WOLFSSL_BIGNUM* bn)
|
||||
|
||||
/* return compliant with OpenSSL
|
||||
* 1 if BIGNUM is word, 0 else */
|
||||
int wolfSSL_BN_is_word(const WOLFSSL_BIGNUM* bn, WOLFSSL_BN_ULONG w)
|
||||
int wolfSSL_BN_is_word(const WOLFSSL_BIGNUM* bn, unsigned long w)
|
||||
{
|
||||
WOLFSSL_ENTER("wolfSSL_BN_is_word");
|
||||
WOLFSSL_MSG("wolfSSL_BN_is_word");
|
||||
|
||||
if (bn == NULL || bn->internal == NULL) {
|
||||
WOLFSSL_MSG("bn NULL error");
|
||||
return WOLFSSL_FAILURE;
|
||||
}
|
||||
|
||||
if (mp_isword((mp_int*)bn->internal, w) == MP_YES) {
|
||||
return WOLFSSL_SUCCESS;
|
||||
if (w <= MP_MASK) {
|
||||
if (mp_isword((mp_int*)bn->internal, (mp_digit)w) == MP_YES) {
|
||||
return WOLFSSL_SUCCESS;
|
||||
}
|
||||
} else {
|
||||
int ret;
|
||||
mp_int w_mp;
|
||||
if (mp_init(&w_mp) != MP_OKAY)
|
||||
return WOLFSSL_FAILURE;
|
||||
if (mp_set_int(&w_mp, w) != MP_OKAY)
|
||||
return WOLFSSL_FAILURE;
|
||||
ret = mp_cmp((mp_int *)bn->internal, &w_mp);
|
||||
mp_free(&w_mp);
|
||||
if (ret == MP_EQ)
|
||||
return WOLFSSL_SUCCESS;
|
||||
}
|
||||
|
||||
return WOLFSSL_FAILURE;
|
||||
@@ -46723,7 +46736,7 @@ WOLFSSL_BIGNUM* wolfSSL_BN_copy(WOLFSSL_BIGNUM* r, const WOLFSSL_BIGNUM* bn)
|
||||
/* return code compliant with OpenSSL :
|
||||
* 1 if success, 0 else
|
||||
*/
|
||||
int wolfSSL_BN_set_word(WOLFSSL_BIGNUM* bn, WOLFSSL_BN_ULONG w)
|
||||
int wolfSSL_BN_set_word(WOLFSSL_BIGNUM* bn, unsigned long w)
|
||||
{
|
||||
WOLFSSL_MSG("wolfSSL_BN_set_word");
|
||||
|
||||
@@ -46740,6 +46753,21 @@ int wolfSSL_BN_set_word(WOLFSSL_BIGNUM* bn, WOLFSSL_BN_ULONG w)
|
||||
return WOLFSSL_SUCCESS;
|
||||
}
|
||||
|
||||
static WOLFSSL_BN_ULONG wolfSSL_BN_get_word_1(mp_int *mp) {
|
||||
#if DIGIT_BIT == (SIZEOF_LONG * 8)
|
||||
return (WOLFSSL_BN_ULONG)mp->dp[0];
|
||||
#else
|
||||
WOLFSSL_BN_ULONG ret = 0UL;
|
||||
int digit_i;
|
||||
|
||||
for (digit_i = 0; digit_i < mp->used; ++digit_i) {
|
||||
ret <<= (WOLFSSL_BN_ULONG)DIGIT_BIT;
|
||||
ret |= (WOLFSSL_BN_ULONG)mp->dp[digit_i];
|
||||
}
|
||||
|
||||
return ret;
|
||||
#endif
|
||||
}
|
||||
|
||||
/* Returns the big number as an unsigned long if possible.
|
||||
*
|
||||
@@ -46747,10 +46775,8 @@ int wolfSSL_BN_set_word(WOLFSSL_BIGNUM* bn, WOLFSSL_BN_ULONG w)
|
||||
*
|
||||
* Returns value or 0xFFFFFFFFL if bigger than unsigned long.
|
||||
*/
|
||||
unsigned long wolfSSL_BN_get_word(const WOLFSSL_BIGNUM* bn)
|
||||
WOLFSSL_BN_ULONG wolfSSL_BN_get_word(const WOLFSSL_BIGNUM* bn)
|
||||
{
|
||||
mp_int* mp;
|
||||
|
||||
WOLFSSL_MSG("wolfSSL_BN_get_word");
|
||||
|
||||
if (bn == NULL) {
|
||||
@@ -46762,9 +46788,8 @@ unsigned long wolfSSL_BN_get_word(const WOLFSSL_BIGNUM* bn)
|
||||
WOLFSSL_MSG("bignum is larger than unsigned long");
|
||||
return 0xFFFFFFFFL;
|
||||
}
|
||||
mp = (mp_int*)bn->internal;
|
||||
|
||||
return (unsigned long)(mp->dp[0]);
|
||||
return wolfSSL_BN_get_word_1((mp_int*)bn->internal);
|
||||
}
|
||||
|
||||
/* return code compliant with OpenSSL :
|
||||
@@ -46877,9 +46902,24 @@ int wolfSSL_BN_add_word(WOLFSSL_BIGNUM *bn, WOLFSSL_BN_ULONG w)
|
||||
return WOLFSSL_FAILURE;
|
||||
}
|
||||
|
||||
if (mp_add_d((mp_int*)bn->internal, w, (mp_int*)bn->internal) != MP_OKAY) {
|
||||
WOLFSSL_MSG("mp_add_d error");
|
||||
return WOLFSSL_FAILURE;
|
||||
if (w <= MP_MASK) {
|
||||
if (mp_add_d((mp_int*)bn->internal, (mp_digit)w, (mp_int*)bn->internal) != MP_OKAY) {
|
||||
WOLFSSL_MSG("mp_add_d error");
|
||||
return WOLFSSL_FAILURE;
|
||||
}
|
||||
} else {
|
||||
int ret;
|
||||
mp_int w_mp;
|
||||
if (mp_init(&w_mp) != MP_OKAY)
|
||||
return WOLFSSL_FAILURE;
|
||||
if (mp_set_int(&w_mp, w) != MP_OKAY)
|
||||
return WOLFSSL_FAILURE;
|
||||
ret = mp_add((mp_int *)bn->internal, &w_mp, (mp_int *)bn->internal);
|
||||
mp_free(&w_mp);
|
||||
if (ret != MP_OKAY) {
|
||||
WOLFSSL_MSG("mp_add error");
|
||||
return WOLFSSL_FAILURE;
|
||||
}
|
||||
}
|
||||
|
||||
return WOLFSSL_SUCCESS;
|
||||
@@ -47014,9 +47054,30 @@ WOLFSSL_BN_ULONG wolfSSL_BN_mod_word(const WOLFSSL_BIGNUM *bn,
|
||||
return (WOLFSSL_BN_ULONG)WOLFSSL_FATAL_ERROR;
|
||||
}
|
||||
|
||||
if (mp_mod_d((mp_int*)bn->internal, w, &ret) != MP_OKAY) {
|
||||
WOLFSSL_MSG("mp_add_d error");
|
||||
return (WOLFSSL_BN_ULONG)WOLFSSL_FATAL_ERROR;
|
||||
if (w <= MP_MASK) {
|
||||
mp_digit bn_ret;
|
||||
if (mp_mod_d((mp_int*)bn->internal, (WOLFSSL_BN_ULONG)w, &bn_ret) != MP_OKAY) {
|
||||
WOLFSSL_MSG("mp_add_d error");
|
||||
return (WOLFSSL_BN_ULONG)WOLFSSL_FATAL_ERROR;
|
||||
}
|
||||
ret = (WOLFSSL_BN_ULONG)bn_ret;
|
||||
} else {
|
||||
int mp_ret;
|
||||
mp_int w_mp, r_mp;
|
||||
if (mp_init(&w_mp) != MP_OKAY)
|
||||
return (unsigned long)WOLFSSL_FAILURE;
|
||||
if (mp_init(&r_mp) != MP_OKAY)
|
||||
return (unsigned long)WOLFSSL_FAILURE;
|
||||
if (mp_set_int(&w_mp, w) != MP_OKAY)
|
||||
return (unsigned long)WOLFSSL_FAILURE;
|
||||
mp_ret = mp_mod((mp_int *)bn->internal, &w_mp, &r_mp);
|
||||
ret = wolfSSL_BN_get_word_1(&r_mp);
|
||||
mp_free(&r_mp);
|
||||
mp_free(&w_mp);
|
||||
if (mp_ret != MP_OKAY) {
|
||||
WOLFSSL_MSG("mp_mod error");
|
||||
return (WOLFSSL_BN_ULONG)WOLFSSL_FAILURE;
|
||||
}
|
||||
}
|
||||
|
||||
return ret;
|
||||
|
||||
+1
-1
@@ -2091,7 +2091,7 @@ void* mynewt_ctx_new() {
|
||||
if(!mynewt_ctx) return NULL;
|
||||
|
||||
XMEMSET(mynewt_ctx, 0, sizeof(Mynewt_Ctx));
|
||||
mynewt_ctx->mnMemBuffer = XMALLOC(mempool_bytes, 0, 0);
|
||||
mynewt_ctx->mnMemBuffer = (void *)XMALLOC(mempool_bytes, 0, 0);
|
||||
if(!mynewt_ctx->mnMemBuffer) {
|
||||
mynewt_ctx_clear((void*)mynewt_ctx);
|
||||
return NULL;
|
||||
|
||||
+1
-1
@@ -1193,7 +1193,7 @@ int wc_BerToDer(const byte* ber, word32 berSz, byte* der, word32* derSz)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
indefItems = XMALLOC(sizeof(IndefItems), NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
indefItems = (IndefItems *)XMALLOC(sizeof(IndefItems), NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (indefItems == NULL) {
|
||||
ret = MEMORY_E;
|
||||
goto end;
|
||||
|
||||
@@ -360,7 +360,7 @@ static WC_INLINE int wc_XChaCha20Poly1305_crypt_oneshot(
|
||||
byte *dst_i;
|
||||
size_t src_len_rem;
|
||||
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
|
||||
ChaChaPoly_Aead *aead = XMALLOC(sizeof *aead, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
ChaChaPoly_Aead *aead = (ChaChaPoly_Aead *)XMALLOC(sizeof *aead, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
|
||||
if (aead == NULL)
|
||||
return MEMORY_E;
|
||||
|
||||
@@ -47,7 +47,7 @@
|
||||
static void* myAlloc(void* opaque, unsigned int item, unsigned int size)
|
||||
{
|
||||
(void)opaque;
|
||||
return XMALLOC(item * size, opaque, DYNAMIC_TYPE_LIBZ);
|
||||
return (void *)XMALLOC(item * size, opaque, DYNAMIC_TYPE_LIBZ);
|
||||
}
|
||||
|
||||
|
||||
|
||||
+323
-115
@@ -654,32 +654,67 @@ int wc_DsaExportKeyRaw(DsaKey* dsa, byte* x, word32* xSz, byte* y, word32* ySz)
|
||||
|
||||
int wc_DsaSign(const byte* digest, byte* out, DsaKey* key, WC_RNG* rng)
|
||||
{
|
||||
mp_int k, kInv, r, s, H;
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
mp_int *k = (mp_int *)XMALLOC(sizeof *k,
|
||||
key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
mp_int *kInv = (mp_int *)XMALLOC(sizeof *kInv,
|
||||
key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
mp_int *r = (mp_int *)XMALLOC(sizeof *r,
|
||||
key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
mp_int *s = (mp_int *)XMALLOC(sizeof *s,
|
||||
key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
mp_int *H = (mp_int *)XMALLOC(sizeof *H,
|
||||
key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#ifndef WOLFSSL_MP_INVMOD_CONSTANT_TIME
|
||||
mp_int b;
|
||||
mp_int *b = (mp_int *)XMALLOC(sizeof *b,
|
||||
key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#endif
|
||||
byte *buffer = (byte *)XMALLOC(DSA_HALF_SIZE, key->heap,
|
||||
DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#else
|
||||
mp_int k[1], kInv[1], r[1], s[1], H[1];
|
||||
#ifndef WOLFSSL_MP_INVMOD_CONSTANT_TIME
|
||||
mp_int b[1];
|
||||
#endif
|
||||
byte buffer[DSA_HALF_SIZE];
|
||||
#endif
|
||||
mp_int* qMinus1;
|
||||
int ret = 0, sz;
|
||||
byte buffer[DSA_HALF_SIZE];
|
||||
int ret = 0, sz = 0;
|
||||
byte* tmp; /* initial output pointer */
|
||||
|
||||
if (digest == NULL || out == NULL || key == NULL || rng == NULL) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
tmp = out;
|
||||
|
||||
sz = min((int)sizeof(buffer), mp_unsigned_bin_size(&key->q));
|
||||
|
||||
#ifdef WOLFSSL_MP_INVMOD_CONSTANT_TIME
|
||||
if (mp_init_multi(&k, &kInv, &r, &s, &H, 0) != MP_OKAY)
|
||||
if (mp_init_multi(k, kInv, r, s, H, 0) != MP_OKAY)
|
||||
#else
|
||||
if (mp_init_multi(&k, &kInv, &r, &s, &H, &b) != MP_OKAY)
|
||||
if (mp_init_multi(k, kInv, r, s, H, b) != MP_OKAY)
|
||||
#endif
|
||||
{
|
||||
return MP_INIT_E;
|
||||
ret = MP_INIT_E;
|
||||
goto out;
|
||||
}
|
||||
qMinus1 = &kInv;
|
||||
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
if ((k == NULL) ||
|
||||
(kInv == NULL) ||
|
||||
(r == NULL) ||
|
||||
(s == NULL) ||
|
||||
(H == NULL)
|
||||
#ifndef WOLFSSL_MP_INVMOD_CONSTANT_TIME
|
||||
|| (b == NULL)
|
||||
#endif
|
||||
|| (buffer == NULL)) {
|
||||
ret = MEMORY_E;
|
||||
goto out;
|
||||
}
|
||||
#endif
|
||||
|
||||
if (digest == NULL || out == NULL || key == NULL || rng == NULL) {
|
||||
ret = BAD_FUNC_ARG;
|
||||
goto out;
|
||||
}
|
||||
|
||||
sz = min(DSA_HALF_SIZE, mp_unsigned_bin_size(&key->q));
|
||||
tmp = out;
|
||||
qMinus1 = kInv;
|
||||
|
||||
/* NIST FIPS 186-4: B.2.2
|
||||
* Per-Message Secret Number Generation by Testing Candidates
|
||||
@@ -687,159 +722,248 @@ int wc_DsaSign(const byte* digest, byte* out, DsaKey* key, WC_RNG* rng)
|
||||
* Check that k is less than q-1: range [0, q-2].
|
||||
* Add 1 to k: range [1, q-1].
|
||||
*/
|
||||
if (mp_sub_d(&key->q, 1, qMinus1))
|
||||
if (mp_sub_d(&key->q, 1, qMinus1)) {
|
||||
ret = MP_SUB_E;
|
||||
|
||||
if (ret == 0) {
|
||||
do {
|
||||
/* Step 4: generate k */
|
||||
ret = wc_RNG_GenerateBlock(rng, buffer, sz);
|
||||
|
||||
/* Step 5 */
|
||||
if (ret == 0 && mp_read_unsigned_bin(&k, buffer, sz) != MP_OKAY)
|
||||
ret = MP_READ_E;
|
||||
|
||||
/* k is a random numnber and it should be less than q-1
|
||||
* if k greater than repeat
|
||||
*/
|
||||
/* Step 6 */
|
||||
} while (ret == 0 && mp_cmp(&k, qMinus1) != MP_LT);
|
||||
goto out;
|
||||
}
|
||||
|
||||
do {
|
||||
/* Step 4: generate k */
|
||||
if ((ret = wc_RNG_GenerateBlock(rng, buffer, sz))) {
|
||||
goto out;
|
||||
}
|
||||
|
||||
/* Step 5 */
|
||||
if (mp_read_unsigned_bin(k, buffer, sz) != MP_OKAY) {
|
||||
ret = MP_READ_E;
|
||||
goto out;
|
||||
}
|
||||
|
||||
/* k is a random numnber and it should be less than q-1
|
||||
* if k greater than repeat
|
||||
*/
|
||||
/* Step 6 */
|
||||
} while (mp_cmp(k, qMinus1) != MP_LT);
|
||||
|
||||
/* Step 7 */
|
||||
if (ret == 0 && mp_add_d(&k, 1, &k) != MP_OKAY)
|
||||
if (mp_add_d(k, 1, k) != MP_OKAY) {
|
||||
ret = MP_MOD_E;
|
||||
goto out;
|
||||
}
|
||||
|
||||
#ifdef WOLFSSL_MP_INVMOD_CONSTANT_TIME
|
||||
/* inverse k mod q */
|
||||
if (ret == 0 && mp_invmod(&k, &key->q, &kInv) != MP_OKAY)
|
||||
if (mp_invmod(k, &key->q, kInv) != MP_OKAY) {
|
||||
ret = MP_INVMOD_E;
|
||||
|
||||
/* generate r, r = (g exp k mod p) mod q */
|
||||
if (ret == 0 && mp_exptmod_ex(&key->g, &k, key->q.used, &key->p,
|
||||
&r) != MP_OKAY) {
|
||||
ret = MP_EXPTMOD_E;
|
||||
goto out;
|
||||
}
|
||||
|
||||
if (ret == 0 && mp_mod(&r, &key->q, &r) != MP_OKAY)
|
||||
/* generate r, r = (g exp k mod p) mod q */
|
||||
if (mp_exptmod_ex(&key->g, k, key->q.used, &key->p, r) != MP_OKAY) {
|
||||
ret = MP_EXPTMOD_E;
|
||||
goto out;
|
||||
}
|
||||
|
||||
if (mp_mod(r, &key->q, r) != MP_OKAY) {
|
||||
ret = MP_MOD_E;
|
||||
goto out;
|
||||
}
|
||||
|
||||
/* generate H from sha digest */
|
||||
if (ret == 0 && mp_read_unsigned_bin(&H, digest,WC_SHA_DIGEST_SIZE) != MP_OKAY)
|
||||
if (mp_read_unsigned_bin(H, digest,WC_SHA_DIGEST_SIZE) != MP_OKAY) {
|
||||
ret = MP_READ_E;
|
||||
goto out;
|
||||
}
|
||||
|
||||
/* generate s, s = (kInv * (H + x*r)) % q */
|
||||
if (ret == 0 && mp_mul(&key->x, &r, &s) != MP_OKAY)
|
||||
if (mp_mul(&key->x, r, s) != MP_OKAY) {
|
||||
ret = MP_MUL_E;
|
||||
goto out;
|
||||
}
|
||||
|
||||
if (ret == 0 && mp_add(&s, &H, &s) != MP_OKAY)
|
||||
if (mp_add(s, H, s) != MP_OKAY) {
|
||||
ret = MP_ADD_E;
|
||||
goto out;
|
||||
}
|
||||
|
||||
if (ret == 0 && mp_mulmod(&s, &kInv, &key->q, &s) != MP_OKAY)
|
||||
if (mp_mulmod(s, kInv, &key->q, s) != MP_OKAY) {
|
||||
ret = MP_MULMOD_E;
|
||||
goto out;
|
||||
}
|
||||
#else
|
||||
/* Blinding value
|
||||
* Generate b in range [1, q-1].
|
||||
*/
|
||||
if (ret == 0) {
|
||||
do {
|
||||
ret = wc_RNG_GenerateBlock(rng, buffer, sz);
|
||||
if (ret == 0 && mp_read_unsigned_bin(&b, buffer, sz) != MP_OKAY)
|
||||
ret = MP_READ_E;
|
||||
} while (ret == 0 && mp_cmp(&b, qMinus1) != MP_LT);
|
||||
}
|
||||
if (ret == 0 && mp_add_d(&b, 1, &b) != MP_OKAY)
|
||||
do {
|
||||
if ((ret = wc_RNG_GenerateBlock(rng, buffer, sz))) {
|
||||
goto out;
|
||||
}
|
||||
if (mp_read_unsigned_bin(b, buffer, sz) != MP_OKAY) {
|
||||
ret = MP_READ_E;
|
||||
goto out;
|
||||
}
|
||||
} while (mp_cmp(b, qMinus1) != MP_LT);
|
||||
|
||||
if (mp_add_d(b, 1, b) != MP_OKAY) {
|
||||
ret = MP_MOD_E;
|
||||
goto out;
|
||||
}
|
||||
|
||||
/* set H from sha digest */
|
||||
if (ret == 0 && mp_read_unsigned_bin(&H, digest,
|
||||
WC_SHA_DIGEST_SIZE) != MP_OKAY) {
|
||||
if (mp_read_unsigned_bin(H, digest, WC_SHA_DIGEST_SIZE) != MP_OKAY) {
|
||||
ret = MP_READ_E;
|
||||
goto out;
|
||||
}
|
||||
|
||||
/* generate r, r = (g exp k mod p) mod q */
|
||||
if (ret == 0 && mp_exptmod_ex(&key->g, &k, key->q.used, &key->p,
|
||||
&r) != MP_OKAY) {
|
||||
if (mp_exptmod_ex(&key->g, k, key->q.used, &key->p, r) != MP_OKAY) {
|
||||
ret = MP_EXPTMOD_E;
|
||||
goto out;
|
||||
}
|
||||
|
||||
/* calculate s = (H + xr)/k
|
||||
= b.(H/k.b + x.r/k.b) */
|
||||
/* calculate s = (H + xr)/k = b.(H/k.b + x.r/k.b) */
|
||||
|
||||
/* k = k.b */
|
||||
if (ret == 0 && mp_mulmod(&k, &b, &key->q, &k) != MP_OKAY)
|
||||
if (mp_mulmod(k, b, &key->q, k) != MP_OKAY) {
|
||||
ret = MP_MULMOD_E;
|
||||
goto out;
|
||||
}
|
||||
|
||||
/* kInv = 1/k.b mod q */
|
||||
if (ret == 0 && mp_invmod(&k, &key->q, &kInv) != MP_OKAY)
|
||||
if (mp_invmod(k, &key->q, kInv) != MP_OKAY) {
|
||||
ret = MP_INVMOD_E;
|
||||
goto out;
|
||||
}
|
||||
|
||||
if (ret == 0 && mp_mod(&r, &key->q, &r) != MP_OKAY)
|
||||
if (mp_mod(r, &key->q, r) != MP_OKAY) {
|
||||
ret = MP_MOD_E;
|
||||
goto out;
|
||||
}
|
||||
|
||||
/* s = x.r */
|
||||
if (ret == 0 && mp_mul(&key->x, &r, &s) != MP_OKAY)
|
||||
if (mp_mul(&key->x, r, s) != MP_OKAY) {
|
||||
ret = MP_MUL_E;
|
||||
goto out;
|
||||
}
|
||||
|
||||
/* s = x.r/k.b */
|
||||
if (ret == 0 && mp_mulmod(&s, &kInv, &key->q, &s) != MP_OKAY)
|
||||
if (mp_mulmod(s, kInv, &key->q, s) != MP_OKAY) {
|
||||
ret = MP_MULMOD_E;
|
||||
goto out;
|
||||
}
|
||||
|
||||
/* H = H/k.b */
|
||||
if (ret == 0 && mp_mulmod(&H, &kInv, &key->q, &H) != MP_OKAY)
|
||||
if (mp_mulmod(H, kInv, &key->q, H) != MP_OKAY) {
|
||||
ret = MP_MULMOD_E;
|
||||
goto out;
|
||||
}
|
||||
|
||||
/* s = H/k.b + x.r/k.b
|
||||
= (H + x.r)/k.b */
|
||||
if (ret == 0 && mp_add(&s, &H, &s) != MP_OKAY)
|
||||
/* s = H/k.b + x.r/k.b = (H + x.r)/k.b */
|
||||
if (mp_add(s, H, s) != MP_OKAY) {
|
||||
ret = MP_ADD_E;
|
||||
goto out;
|
||||
}
|
||||
|
||||
/* s = b.(e + x.r)/k.b
|
||||
= (e + x.r)/k */
|
||||
if (ret == 0 && mp_mulmod(&s, &b, &key->q, &s) != MP_OKAY)
|
||||
/* s = b.(e + x.r)/k.b = (e + x.r)/k */
|
||||
if (mp_mulmod(s, b, &key->q, s) != MP_OKAY) {
|
||||
ret = MP_MULMOD_E;
|
||||
goto out;
|
||||
}
|
||||
|
||||
/* s = (e + x.r)/k */
|
||||
if (ret == 0 && mp_mod(&s, &key->q, &s) != MP_OKAY)
|
||||
if (mp_mod(s, &key->q, s) != MP_OKAY) {
|
||||
ret = MP_MOD_E;
|
||||
goto out;
|
||||
}
|
||||
#endif
|
||||
|
||||
/* detect zero r or s */
|
||||
if (ret == 0 && (mp_iszero(&r) == MP_YES || mp_iszero(&s) == MP_YES))
|
||||
if ((mp_iszero(r) == MP_YES) || (mp_iszero(s) == MP_YES)) {
|
||||
ret = MP_ZERO_E;
|
||||
goto out;
|
||||
}
|
||||
|
||||
/* write out */
|
||||
if (ret == 0) {
|
||||
int rSz = mp_unsigned_bin_size(&r);
|
||||
int sSz = mp_unsigned_bin_size(&s);
|
||||
{
|
||||
int rSz = mp_unsigned_bin_size(r);
|
||||
int sSz = mp_unsigned_bin_size(s);
|
||||
|
||||
while (rSz++ < DSA_HALF_SIZE) {
|
||||
*out++ = 0x00; /* pad front with zeros */
|
||||
}
|
||||
|
||||
if (mp_to_unsigned_bin(&r, out) != MP_OKAY)
|
||||
if (mp_to_unsigned_bin(r, out) != MP_OKAY)
|
||||
ret = MP_TO_E;
|
||||
else {
|
||||
out = tmp + DSA_HALF_SIZE; /* advance to s in output */
|
||||
while (sSz++ < DSA_HALF_SIZE) {
|
||||
*out++ = 0x00; /* pad front with zeros */
|
||||
}
|
||||
ret = mp_to_unsigned_bin(&s, out);
|
||||
ret = mp_to_unsigned_bin(s, out);
|
||||
}
|
||||
}
|
||||
|
||||
ForceZero(buffer, sz);
|
||||
mp_forcezero(&kInv);
|
||||
mp_forcezero(&k);
|
||||
#ifndef WOLFSSL_MP_INVMOD_CONSTANT_TIME
|
||||
mp_forcezero(&b);
|
||||
out:
|
||||
|
||||
mp_clear(&b);
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
if (k) {
|
||||
if (ret != MP_INIT_E) {
|
||||
mp_forcezero(k);
|
||||
mp_clear(k);
|
||||
}
|
||||
XFREE(k, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
}
|
||||
if (kInv) {
|
||||
if (ret != MP_INIT_E) {
|
||||
mp_forcezero(kInv);
|
||||
mp_clear(kInv);
|
||||
}
|
||||
XFREE(kInv, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
}
|
||||
if (r) {
|
||||
if (ret != MP_INIT_E)
|
||||
mp_clear(r);
|
||||
XFREE(r, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
}
|
||||
if (s) {
|
||||
if (ret != MP_INIT_E)
|
||||
mp_clear(s);
|
||||
XFREE(s, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
}
|
||||
if (H) {
|
||||
if (ret != MP_INIT_E)
|
||||
mp_clear(H);
|
||||
XFREE(H, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
}
|
||||
#ifndef WOLFSSL_MP_INVMOD_CONSTANT_TIME
|
||||
if (b) {
|
||||
if (ret != MP_INIT_E) {
|
||||
mp_forcezero(b);
|
||||
mp_clear(b);
|
||||
}
|
||||
XFREE(b, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
}
|
||||
#endif
|
||||
if (buffer) {
|
||||
ForceZero(buffer, sz);
|
||||
XFREE(buffer, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
}
|
||||
#else /* !WOLFSSL_SMALL_STACK */
|
||||
if (ret != MP_INIT_E) {
|
||||
ForceZero(buffer, sz);
|
||||
mp_forcezero(kInv);
|
||||
mp_forcezero(k);
|
||||
#ifndef WOLFSSL_MP_INVMOD_CONSTANT_TIME
|
||||
mp_forcezero(b);
|
||||
mp_clear(b);
|
||||
#endif
|
||||
mp_clear(H);
|
||||
mp_clear(s);
|
||||
mp_clear(r);
|
||||
mp_clear(kInv);
|
||||
mp_clear(k);
|
||||
}
|
||||
#endif
|
||||
mp_clear(&H);
|
||||
mp_clear(&s);
|
||||
mp_clear(&r);
|
||||
mp_clear(&kInv);
|
||||
mp_clear(&k);
|
||||
|
||||
return ret;
|
||||
}
|
||||
@@ -847,70 +971,154 @@ int wc_DsaSign(const byte* digest, byte* out, DsaKey* key, WC_RNG* rng)
|
||||
|
||||
int wc_DsaVerify(const byte* digest, const byte* sig, DsaKey* key, int* answer)
|
||||
{
|
||||
mp_int w, u1, u2, v, r, s;
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
mp_int *w = (mp_int *)XMALLOC(sizeof *w,
|
||||
key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
mp_int *u1 = (mp_int *)XMALLOC(sizeof *u1,
|
||||
key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
mp_int *u2 = (mp_int *)XMALLOC(sizeof *u2,
|
||||
key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
mp_int *v = (mp_int *)XMALLOC(sizeof *v,
|
||||
key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
mp_int *r = (mp_int *)XMALLOC(sizeof *r,
|
||||
key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
mp_int *s = (mp_int *)XMALLOC(sizeof *s,
|
||||
key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#else
|
||||
mp_int w[1], u1[1], u2[1], v[1], r[1], s[1];
|
||||
#endif
|
||||
int ret = 0;
|
||||
|
||||
if (digest == NULL || sig == NULL || key == NULL || answer == NULL) {
|
||||
return BAD_FUNC_ARG;
|
||||
if (mp_init_multi(w, u1, u2, v, r, s) != MP_OKAY) {
|
||||
ret = MP_INIT_E;
|
||||
goto out;
|
||||
}
|
||||
|
||||
if (mp_init_multi(&w, &u1, &u2, &v, &r, &s) != MP_OKAY)
|
||||
return MP_INIT_E;
|
||||
if (digest == NULL || sig == NULL || key == NULL || answer == NULL) {
|
||||
ret = BAD_FUNC_ARG;
|
||||
goto out;
|
||||
}
|
||||
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
if ((w == NULL) ||
|
||||
(u1 == NULL) ||
|
||||
(u2 == NULL) ||
|
||||
(v == NULL) ||
|
||||
(r == NULL) ||
|
||||
(s == NULL)) {
|
||||
ret = MEMORY_E;
|
||||
goto out;
|
||||
}
|
||||
#endif
|
||||
|
||||
/* set r and s from signature */
|
||||
if (mp_read_unsigned_bin(&r, sig, DSA_HALF_SIZE) != MP_OKAY ||
|
||||
mp_read_unsigned_bin(&s, sig + DSA_HALF_SIZE, DSA_HALF_SIZE) != MP_OKAY)
|
||||
if (mp_read_unsigned_bin(r, sig, DSA_HALF_SIZE) != MP_OKAY ||
|
||||
mp_read_unsigned_bin(s, sig + DSA_HALF_SIZE, DSA_HALF_SIZE) != MP_OKAY) {
|
||||
ret = MP_READ_E;
|
||||
goto out;
|
||||
}
|
||||
|
||||
/* sanity checks */
|
||||
if (ret == 0) {
|
||||
if (mp_iszero(&r) == MP_YES || mp_iszero(&s) == MP_YES ||
|
||||
mp_cmp(&r, &key->q) != MP_LT || mp_cmp(&s, &key->q) != MP_LT) {
|
||||
ret = MP_ZERO_E;
|
||||
}
|
||||
if (mp_iszero(r) == MP_YES || mp_iszero(s) == MP_YES ||
|
||||
mp_cmp(r, &key->q) != MP_LT || mp_cmp(s, &key->q) != MP_LT) {
|
||||
ret = MP_ZERO_E;
|
||||
goto out;
|
||||
}
|
||||
|
||||
/* put H into u1 from sha digest */
|
||||
if (ret == 0 && mp_read_unsigned_bin(&u1,digest,WC_SHA_DIGEST_SIZE) != MP_OKAY)
|
||||
if (mp_read_unsigned_bin(u1,digest,WC_SHA_DIGEST_SIZE) != MP_OKAY) {
|
||||
ret = MP_READ_E;
|
||||
goto out;
|
||||
}
|
||||
|
||||
/* w = s invmod q */
|
||||
if (ret == 0 && mp_invmod(&s, &key->q, &w) != MP_OKAY)
|
||||
if (mp_invmod(s, &key->q, w) != MP_OKAY) {
|
||||
ret = MP_INVMOD_E;
|
||||
goto out;
|
||||
}
|
||||
|
||||
/* u1 = (H * w) % q */
|
||||
if (ret == 0 && mp_mulmod(&u1, &w, &key->q, &u1) != MP_OKAY)
|
||||
if (mp_mulmod(u1, w, &key->q, u1) != MP_OKAY) {
|
||||
ret = MP_MULMOD_E;
|
||||
goto out;
|
||||
}
|
||||
|
||||
/* u2 = (r * w) % q */
|
||||
if (ret == 0 && mp_mulmod(&r, &w, &key->q, &u2) != MP_OKAY)
|
||||
if (mp_mulmod(r, w, &key->q, u2) != MP_OKAY) {
|
||||
ret = MP_MULMOD_E;
|
||||
goto out;
|
||||
}
|
||||
|
||||
/* verify v = ((g^u1 * y^u2) mod p) mod q */
|
||||
if (ret == 0 && mp_exptmod(&key->g, &u1, &key->p, &u1) != MP_OKAY)
|
||||
if (mp_exptmod(&key->g, u1, &key->p, u1) != MP_OKAY) {
|
||||
ret = MP_EXPTMOD_E;
|
||||
goto out;
|
||||
}
|
||||
|
||||
if (ret == 0 && mp_exptmod(&key->y, &u2, &key->p, &u2) != MP_OKAY)
|
||||
if (mp_exptmod(&key->y, u2, &key->p, u2) != MP_OKAY) {
|
||||
ret = MP_EXPTMOD_E;
|
||||
goto out;
|
||||
}
|
||||
|
||||
if (ret == 0 && mp_mulmod(&u1, &u2, &key->p, &v) != MP_OKAY)
|
||||
if (mp_mulmod(u1, u2, &key->p, v) != MP_OKAY) {
|
||||
ret = MP_MULMOD_E;
|
||||
goto out;
|
||||
}
|
||||
|
||||
if (ret == 0 && mp_mod(&v, &key->q, &v) != MP_OKAY)
|
||||
if (mp_mod(v, &key->q, v) != MP_OKAY) {
|
||||
ret = MP_MULMOD_E;
|
||||
goto out;
|
||||
}
|
||||
|
||||
/* do they match */
|
||||
if (ret == 0 && mp_cmp(&r, &v) == MP_EQ)
|
||||
if (mp_cmp(r, v) == MP_EQ)
|
||||
*answer = 1;
|
||||
else
|
||||
*answer = 0;
|
||||
|
||||
mp_clear(&s);
|
||||
mp_clear(&r);
|
||||
mp_clear(&u1);
|
||||
mp_clear(&u2);
|
||||
mp_clear(&w);
|
||||
mp_clear(&v);
|
||||
out:
|
||||
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
if (s) {
|
||||
if (ret != MP_INIT_E)
|
||||
mp_clear(s);
|
||||
XFREE(s, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
}
|
||||
if (r) {
|
||||
if (ret != MP_INIT_E)
|
||||
mp_clear(r);
|
||||
XFREE(r, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
}
|
||||
if (u1) {
|
||||
if (ret != MP_INIT_E)
|
||||
mp_clear(u1);
|
||||
XFREE(u1, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
}
|
||||
if (u2) {
|
||||
if (ret != MP_INIT_E)
|
||||
mp_clear(u2);
|
||||
XFREE(u2, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
}
|
||||
if (w) {
|
||||
if (ret != MP_INIT_E)
|
||||
mp_clear(w);
|
||||
XFREE(w, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
}
|
||||
if (v) {
|
||||
if (ret != MP_INIT_E)
|
||||
mp_clear(v);
|
||||
XFREE(v, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
}
|
||||
#else
|
||||
if (ret != MP_INIT_E) {
|
||||
mp_clear(s);
|
||||
mp_clear(r);
|
||||
mp_clear(u1);
|
||||
mp_clear(u2);
|
||||
mp_clear(w);
|
||||
mp_clear(v);
|
||||
}
|
||||
#endif
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
+142
-66
@@ -2938,23 +2938,28 @@ int wc_ecc_mulmod_ex(mp_int* k, ecc_point *G, ecc_point *R, mp_int* a,
|
||||
ecc_point *tG, *M[M_POINTS];
|
||||
int i, err;
|
||||
#ifdef WOLFSSL_SMALL_STACK_CACHE
|
||||
ecc_key key;
|
||||
ecc_key *key = (ecc_key *)XMALLOC(sizeof *key, heap, DYNAMIC_TYPE_ECC);
|
||||
#endif
|
||||
mp_digit mp;
|
||||
|
||||
if (k == NULL || G == NULL || R == NULL || modulus == NULL) {
|
||||
return ECC_BAD_ARG_E;
|
||||
}
|
||||
|
||||
/* init variables */
|
||||
tG = NULL;
|
||||
XMEMSET(M, 0, sizeof(M));
|
||||
|
||||
if (k == NULL || G == NULL || R == NULL || modulus == NULL) {
|
||||
err = ECC_BAD_ARG_E;
|
||||
goto exit;
|
||||
}
|
||||
|
||||
#ifdef WOLFSSL_SMALL_STACK_CACHE
|
||||
err = ecc_key_tmp_init(&key, heap);
|
||||
if (key == NULL) {
|
||||
err = MP_MEM;
|
||||
goto exit;
|
||||
}
|
||||
err = ecc_key_tmp_init(key, heap);
|
||||
if (err != MP_OKAY)
|
||||
goto exit;
|
||||
R->key = &key;
|
||||
R->key = key;
|
||||
#endif /* WOLFSSL_SMALL_STACK_CACHE */
|
||||
|
||||
/* alloc ram for window temps */
|
||||
@@ -2965,7 +2970,7 @@ int wc_ecc_mulmod_ex(mp_int* k, ecc_point *G, ecc_point *R, mp_int* a,
|
||||
goto exit;
|
||||
}
|
||||
#ifdef WOLFSSL_SMALL_STACK_CACHE
|
||||
M[i]->key = &key;
|
||||
M[i]->key = key;
|
||||
#endif
|
||||
}
|
||||
|
||||
@@ -3001,8 +3006,13 @@ exit:
|
||||
wc_ecc_del_point_h(M[i], heap);
|
||||
}
|
||||
#ifdef WOLFSSL_SMALL_STACK_CACHE
|
||||
R->key = NULL;
|
||||
ecc_key_tmp_final(&key, heap);
|
||||
if (key) {
|
||||
if (R)
|
||||
R->key = NULL;
|
||||
if (err == MP_OKAY)
|
||||
ecc_key_tmp_final(key, heap);
|
||||
XFREE(key, heap, DYNAMIC_TYPE_ECC);
|
||||
}
|
||||
#endif /* WOLFSSL_SMALL_STACK_CACHE */
|
||||
|
||||
return err;
|
||||
@@ -10762,40 +10772,66 @@ int mp_sqrtmod_prime(mp_int* n, mp_int* prime, mp_int* ret)
|
||||
return res;
|
||||
#else
|
||||
int res, legendre, done = 0;
|
||||
mp_int t1, C, Q, S, Z, M, T, R, two;
|
||||
mp_digit i;
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
mp_int *t1 = (mp_int *)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_ECC_BUFFER);
|
||||
mp_int *C = (mp_int *)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_ECC_BUFFER);
|
||||
mp_int *Q = (mp_int *)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_ECC_BUFFER);
|
||||
mp_int *S = (mp_int *)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_ECC_BUFFER);
|
||||
mp_int *Z = (mp_int *)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_ECC_BUFFER);
|
||||
mp_int *M = (mp_int *)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_ECC_BUFFER);
|
||||
mp_int *T = (mp_int *)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_ECC_BUFFER);
|
||||
mp_int *R = (mp_int *)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_ECC_BUFFER);
|
||||
mp_int *two = (mp_int *)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_ECC_BUFFER);
|
||||
|
||||
if ((t1 == NULL) ||
|
||||
(C == NULL) ||
|
||||
(Q == NULL) ||
|
||||
(S == NULL) ||
|
||||
(Z == NULL) ||
|
||||
(M == NULL) ||
|
||||
(T == NULL) ||
|
||||
(R == NULL) ||
|
||||
(two == NULL)) {
|
||||
res = MP_MEM;
|
||||
goto out;
|
||||
}
|
||||
#else
|
||||
mp_int t1[1], C[1], Q[1], S[1], Z[1], M[1], T[1], R[1], two[1];
|
||||
#endif
|
||||
|
||||
/* first handle the simple cases n = 0 or n = 1 */
|
||||
if (mp_cmp_d(n, 0) == MP_EQ) {
|
||||
mp_zero(ret);
|
||||
return MP_OKAY;
|
||||
res = MP_OKAY;
|
||||
goto out;
|
||||
}
|
||||
if (mp_cmp_d(n, 1) == MP_EQ) {
|
||||
return mp_set(ret, 1);
|
||||
res = mp_set(ret, 1);
|
||||
goto out;
|
||||
}
|
||||
|
||||
/* prime must be odd */
|
||||
if (mp_cmp_d(prime, 2) == MP_EQ) {
|
||||
return MP_VAL;
|
||||
res = MP_VAL;
|
||||
goto out;
|
||||
}
|
||||
|
||||
/* is quadratic non-residue mod prime */
|
||||
if ((res = mp_jacobi(n, prime, &legendre)) != MP_OKAY) {
|
||||
return res;
|
||||
goto out;
|
||||
}
|
||||
if (legendre == -1) {
|
||||
return MP_VAL;
|
||||
res = MP_VAL;
|
||||
goto out;
|
||||
}
|
||||
|
||||
if ((res = mp_init_multi(&t1, &C, &Q, &S, &Z, &M)) != MP_OKAY)
|
||||
return res;
|
||||
if ((res = mp_init_multi(t1, C, Q, S, Z, M)) != MP_OKAY)
|
||||
goto out;
|
||||
|
||||
if ((res = mp_init_multi(&T, &R, &two, NULL, NULL, NULL))
|
||||
!= MP_OKAY) {
|
||||
mp_clear(&t1); mp_clear(&C); mp_clear(&Q); mp_clear(&S); mp_clear(&Z);
|
||||
mp_clear(&M);
|
||||
return res;
|
||||
}
|
||||
if ((res = mp_init_multi(T, R, two, NULL, NULL, NULL))
|
||||
!= MP_OKAY)
|
||||
goto out;
|
||||
|
||||
/* SPECIAL CASE: if prime mod 4 == 3
|
||||
* compute directly: res = n^(prime+1)/4 mod prime
|
||||
@@ -10803,14 +10839,14 @@ int mp_sqrtmod_prime(mp_int* n, mp_int* prime, mp_int* ret)
|
||||
*/
|
||||
res = mp_mod_d(prime, 4, &i);
|
||||
if (res == MP_OKAY && i == 3) {
|
||||
res = mp_add_d(prime, 1, &t1);
|
||||
res = mp_add_d(prime, 1, t1);
|
||||
|
||||
if (res == MP_OKAY)
|
||||
res = mp_div_2(&t1, &t1);
|
||||
res = mp_div_2(t1, t1);
|
||||
if (res == MP_OKAY)
|
||||
res = mp_div_2(&t1, &t1);
|
||||
res = mp_div_2(t1, t1);
|
||||
if (res == MP_OKAY)
|
||||
res = mp_exptmod(n, &t1, prime, ret);
|
||||
res = mp_exptmod(n, t1, prime, ret);
|
||||
|
||||
done = 1;
|
||||
}
|
||||
@@ -10821,122 +10857,162 @@ int mp_sqrtmod_prime(mp_int* n, mp_int* prime, mp_int* ret)
|
||||
/* factor out powers of 2 from prime-1, defining Q and S
|
||||
* as: prime-1 = Q*2^S */
|
||||
/* Q = prime - 1 */
|
||||
res = mp_copy(prime, &Q);
|
||||
res = mp_copy(prime, Q);
|
||||
if (res == MP_OKAY)
|
||||
res = mp_sub_d(&Q, 1, &Q);
|
||||
res = mp_sub_d(Q, 1, Q);
|
||||
|
||||
/* S = 0 */
|
||||
if (res == MP_OKAY)
|
||||
mp_zero(&S);
|
||||
mp_zero(S);
|
||||
|
||||
while (res == MP_OKAY && mp_iseven(&Q) == MP_YES) {
|
||||
while (res == MP_OKAY && mp_iseven(Q) == MP_YES) {
|
||||
/* Q = Q / 2 */
|
||||
res = mp_div_2(&Q, &Q);
|
||||
res = mp_div_2(Q, Q);
|
||||
|
||||
/* S = S + 1 */
|
||||
if (res == MP_OKAY)
|
||||
res = mp_add_d(&S, 1, &S);
|
||||
res = mp_add_d(S, 1, S);
|
||||
}
|
||||
|
||||
/* find a Z such that the Legendre symbol (Z|prime) == -1 */
|
||||
/* Z = 2 */
|
||||
if (res == MP_OKAY)
|
||||
res = mp_set_int(&Z, 2);
|
||||
res = mp_set_int(Z, 2);
|
||||
|
||||
while (res == MP_OKAY) {
|
||||
res = mp_jacobi(&Z, prime, &legendre);
|
||||
res = mp_jacobi(Z, prime, &legendre);
|
||||
if (res == MP_OKAY && legendre == -1)
|
||||
break;
|
||||
|
||||
/* Z = Z + 1 */
|
||||
if (res == MP_OKAY)
|
||||
res = mp_add_d(&Z, 1, &Z);
|
||||
res = mp_add_d(Z, 1, Z);
|
||||
}
|
||||
|
||||
/* C = Z ^ Q mod prime */
|
||||
if (res == MP_OKAY)
|
||||
res = mp_exptmod(&Z, &Q, prime, &C);
|
||||
res = mp_exptmod(Z, Q, prime, C);
|
||||
|
||||
/* t1 = (Q + 1) / 2 */
|
||||
if (res == MP_OKAY)
|
||||
res = mp_add_d(&Q, 1, &t1);
|
||||
res = mp_add_d(Q, 1, t1);
|
||||
if (res == MP_OKAY)
|
||||
res = mp_div_2(&t1, &t1);
|
||||
res = mp_div_2(t1, t1);
|
||||
|
||||
/* R = n ^ ((Q + 1) / 2) mod prime */
|
||||
if (res == MP_OKAY)
|
||||
res = mp_exptmod(n, &t1, prime, &R);
|
||||
res = mp_exptmod(n, t1, prime, R);
|
||||
|
||||
/* T = n ^ Q mod prime */
|
||||
if (res == MP_OKAY)
|
||||
res = mp_exptmod(n, &Q, prime, &T);
|
||||
res = mp_exptmod(n, Q, prime, T);
|
||||
|
||||
/* M = S */
|
||||
if (res == MP_OKAY)
|
||||
res = mp_copy(&S, &M);
|
||||
res = mp_copy(S, M);
|
||||
|
||||
if (res == MP_OKAY)
|
||||
res = mp_set_int(&two, 2);
|
||||
res = mp_set_int(two, 2);
|
||||
|
||||
while (res == MP_OKAY && done == 0) {
|
||||
res = mp_copy(&T, &t1);
|
||||
res = mp_copy(T, t1);
|
||||
|
||||
/* reduce to 1 and count */
|
||||
i = 0;
|
||||
while (res == MP_OKAY) {
|
||||
if (mp_cmp_d(&t1, 1) == MP_EQ)
|
||||
if (mp_cmp_d(t1, 1) == MP_EQ)
|
||||
break;
|
||||
res = mp_exptmod(&t1, &two, prime, &t1);
|
||||
res = mp_exptmod(t1, two, prime, t1);
|
||||
if (res == MP_OKAY)
|
||||
i++;
|
||||
}
|
||||
if (res == MP_OKAY && i == 0) {
|
||||
res = mp_copy(&R, ret);
|
||||
res = mp_copy(R, ret);
|
||||
done = 1;
|
||||
}
|
||||
|
||||
if (done == 0) {
|
||||
/* t1 = 2 ^ (M - i - 1) */
|
||||
if (res == MP_OKAY)
|
||||
res = mp_sub_d(&M, i, &t1);
|
||||
res = mp_sub_d(M, i, t1);
|
||||
if (res == MP_OKAY)
|
||||
res = mp_sub_d(&t1, 1, &t1);
|
||||
res = mp_sub_d(t1, 1, t1);
|
||||
if (res == MP_OKAY)
|
||||
res = mp_exptmod(&two, &t1, prime, &t1);
|
||||
res = mp_exptmod(two, t1, prime, t1);
|
||||
|
||||
/* t1 = C ^ (2 ^ (M - i - 1)) mod prime */
|
||||
if (res == MP_OKAY)
|
||||
res = mp_exptmod(&C, &t1, prime, &t1);
|
||||
res = mp_exptmod(C, t1, prime, t1);
|
||||
|
||||
/* C = (t1 * t1) mod prime */
|
||||
if (res == MP_OKAY)
|
||||
res = mp_sqrmod(&t1, prime, &C);
|
||||
res = mp_sqrmod(t1, prime, C);
|
||||
|
||||
/* R = (R * t1) mod prime */
|
||||
if (res == MP_OKAY)
|
||||
res = mp_mulmod(&R, &t1, prime, &R);
|
||||
res = mp_mulmod(R, t1, prime, R);
|
||||
|
||||
/* T = (T * C) mod prime */
|
||||
if (res == MP_OKAY)
|
||||
res = mp_mulmod(&T, &C, prime, &T);
|
||||
res = mp_mulmod(T, C, prime, T);
|
||||
|
||||
/* M = i */
|
||||
if (res == MP_OKAY)
|
||||
res = mp_set(&M, i);
|
||||
res = mp_set(M, i);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/* done */
|
||||
mp_clear(&t1);
|
||||
mp_clear(&C);
|
||||
mp_clear(&Q);
|
||||
mp_clear(&S);
|
||||
mp_clear(&Z);
|
||||
mp_clear(&M);
|
||||
mp_clear(&T);
|
||||
mp_clear(&R);
|
||||
mp_clear(&two);
|
||||
out:
|
||||
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
if (t1) {
|
||||
mp_clear(t1);
|
||||
XFREE(t1, NULL, DYNAMIC_TYPE_ECC_BUFFER);
|
||||
}
|
||||
if (C) {
|
||||
mp_clear(C);
|
||||
XFREE(C, NULL, DYNAMIC_TYPE_ECC_BUFFER);
|
||||
}
|
||||
if (Q) {
|
||||
mp_clear(Q);
|
||||
XFREE(Q, NULL, DYNAMIC_TYPE_ECC_BUFFER);
|
||||
}
|
||||
if (S) {
|
||||
mp_clear(S);
|
||||
XFREE(S, NULL, DYNAMIC_TYPE_ECC_BUFFER);
|
||||
}
|
||||
if (Z) {
|
||||
mp_clear(Z);
|
||||
XFREE(Z, NULL, DYNAMIC_TYPE_ECC_BUFFER);
|
||||
}
|
||||
if (M) {
|
||||
mp_clear(M);
|
||||
XFREE(M, NULL, DYNAMIC_TYPE_ECC_BUFFER);
|
||||
}
|
||||
if (T) {
|
||||
mp_clear(T);
|
||||
XFREE(T, NULL, DYNAMIC_TYPE_ECC_BUFFER);
|
||||
}
|
||||
if (R) {
|
||||
mp_clear(R);
|
||||
XFREE(R, NULL, DYNAMIC_TYPE_ECC_BUFFER);
|
||||
}
|
||||
if (two) {
|
||||
mp_clear(two);
|
||||
XFREE(two, NULL, DYNAMIC_TYPE_ECC_BUFFER);
|
||||
}
|
||||
#else
|
||||
mp_clear(t1);
|
||||
mp_clear(C);
|
||||
mp_clear(Q);
|
||||
mp_clear(S);
|
||||
mp_clear(Z);
|
||||
mp_clear(M);
|
||||
mp_clear(T);
|
||||
mp_clear(R);
|
||||
mp_clear(two);
|
||||
#endif
|
||||
|
||||
return res;
|
||||
#endif
|
||||
|
||||
@@ -24,7 +24,7 @@
|
||||
#include <config.h>
|
||||
#endif
|
||||
|
||||
#include <wolfssl/wolfcrypt/settings.h>
|
||||
#include <wolfssl/wolfcrypt/wc_port.h>
|
||||
#include <wolfssl/wolfcrypt/error-crypt.h>
|
||||
|
||||
#ifndef NO_HMAC
|
||||
|
||||
@@ -562,10 +562,10 @@ void mp_rshb (mp_int *c, int x)
|
||||
mp_digit r, rr;
|
||||
mp_digit D = x;
|
||||
|
||||
/* shifting by a negative number not supported */
|
||||
if (x < 0) return;
|
||||
/* shifting by zero changes nothing */
|
||||
if (x == 0) return;
|
||||
/* shifting by a negative number not supported, and shifting by
|
||||
* zero changes nothing.
|
||||
*/
|
||||
if (x <= 0) return;
|
||||
|
||||
/* shift digits first if needed */
|
||||
if (x >= DIGIT_BIT) {
|
||||
|
||||
@@ -1980,6 +1980,10 @@ static WC_INLINE sp_int_digit sp_div_word(sp_int_digit hi, sp_int_digit lo,
|
||||
|
||||
#if defined(WOLFSSL_HAVE_SP_DH) || defined(WOLFSSL_HAVE_SP_RSA)
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/* Modular exponentiation implementations using Single Precision. */
|
||||
WOLFSSL_LOCAL int sp_ModExp_1024(sp_int* base, sp_int* exp, sp_int* mod,
|
||||
sp_int* res);
|
||||
@@ -1992,6 +1996,10 @@ WOLFSSL_LOCAL int sp_ModExp_3072(sp_int* base, sp_int* exp, sp_int* mod,
|
||||
WOLFSSL_LOCAL int sp_ModExp_4096(sp_int* base, sp_int* exp, sp_int* mod,
|
||||
sp_int* res);
|
||||
|
||||
#ifdef __cplusplus
|
||||
} /* extern "C" */
|
||||
#endif
|
||||
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_SP_MATH_ALL) && !defined(WOLFSSL_RSA_VERIFY_ONLY)
|
||||
@@ -4994,7 +5002,6 @@ int sp_mod(sp_int* a, sp_int* m, sp_int* r)
|
||||
t->dp[5] = l;
|
||||
l = h;
|
||||
h = o;
|
||||
o = 0;
|
||||
SP_ASM_MUL_ADD_NO(l, h, a->dp[3], b->dp[3]);
|
||||
t->dp[6] = l;
|
||||
t->dp[7] = h;
|
||||
@@ -5118,7 +5125,6 @@ int sp_mod(sp_int* a, sp_int* m, sp_int* r)
|
||||
t->dp[9] = l;
|
||||
l = h;
|
||||
h = o;
|
||||
o = 0;
|
||||
SP_ASM_MUL_ADD_NO(l, h, a->dp[5], b->dp[5]);
|
||||
t->dp[10] = l;
|
||||
t->dp[11] = h;
|
||||
@@ -9687,7 +9693,6 @@ int sp_mul_2d(sp_int* a, int e, sp_int* r)
|
||||
t->dp[5] = l;
|
||||
l = h;
|
||||
h = o;
|
||||
o = 0;
|
||||
SP_ASM_SQR_ADD_NO(l, h, a->dp[3]);
|
||||
t->dp[6] = l;
|
||||
t->dp[7] = h;
|
||||
@@ -9803,7 +9808,6 @@ int sp_mul_2d(sp_int* a, int e, sp_int* r)
|
||||
t->dp[9] = l;
|
||||
l = h;
|
||||
h = o;
|
||||
o = 0;
|
||||
SP_ASM_SQR_ADD_NO(l, h, a->dp[5]);
|
||||
t->dp[10] = l;
|
||||
t->dp[11] = h;
|
||||
|
||||
+174
-58
@@ -631,117 +631,233 @@ static int wc_SrpSetKey(Srp* srp, byte* secret, word32 size)
|
||||
int wc_SrpComputeKey(Srp* srp, byte* clientPubKey, word32 clientPubKeySz,
|
||||
byte* serverPubKey, word32 serverPubKeySz)
|
||||
{
|
||||
SrpHash hash;
|
||||
byte *secret;
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
SrpHash *hash = (SrpHash *)XMALLOC(sizeof *hash, srp->heap, DYNAMIC_TYPE_SRP);
|
||||
byte *digest = (byte *)XMALLOC(SRP_MAX_DIGEST_SIZE, srp->heap, DYNAMIC_TYPE_SRP);
|
||||
mp_int *u = (mp_int *)XMALLOC(sizeof *u, srp->heap, DYNAMIC_TYPE_SRP);
|
||||
mp_int *s = (mp_int *)XMALLOC(sizeof *s, srp->heap, DYNAMIC_TYPE_SRP);
|
||||
mp_int *temp1 = (mp_int *)XMALLOC(sizeof *temp1, srp->heap, DYNAMIC_TYPE_SRP);
|
||||
mp_int *temp2 = (mp_int *)XMALLOC(sizeof *temp2, srp->heap, DYNAMIC_TYPE_SRP);
|
||||
#else
|
||||
SrpHash hash[1];
|
||||
byte digest[SRP_MAX_DIGEST_SIZE];
|
||||
mp_int u[1], s[1], temp1[1], temp2[1];
|
||||
#endif
|
||||
byte *secret = NULL;
|
||||
word32 i, secretSz, digestSz;
|
||||
mp_int u, s, temp1, temp2;
|
||||
byte pad = 0;
|
||||
int r;
|
||||
|
||||
/* validating params */
|
||||
|
||||
if (!srp || !clientPubKey || clientPubKeySz == 0
|
||||
|| !serverPubKey || serverPubKeySz == 0)
|
||||
return BAD_FUNC_ARG;
|
||||
if ((mp_init_multi(u, s, temp1, temp2, 0, 0)) != MP_OKAY) {
|
||||
r = MP_INIT_E;
|
||||
goto out;
|
||||
}
|
||||
|
||||
if (mp_iszero(&srp->priv) == MP_YES)
|
||||
return SRP_CALL_ORDER_E;
|
||||
if (!srp || !clientPubKey || clientPubKeySz == 0
|
||||
|| !serverPubKey || serverPubKeySz == 0) {
|
||||
r = BAD_FUNC_ARG;
|
||||
goto out;
|
||||
}
|
||||
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
if ((hash == NULL) ||
|
||||
(digest == NULL) ||
|
||||
(u == NULL) ||
|
||||
(s == NULL) ||
|
||||
(temp1 == NULL) ||
|
||||
(temp2 == NULL)) {
|
||||
r = MEMORY_E;
|
||||
goto out;
|
||||
}
|
||||
#endif
|
||||
|
||||
if (mp_iszero(&srp->priv) == MP_YES) {
|
||||
r = SRP_CALL_ORDER_E;
|
||||
goto out;
|
||||
}
|
||||
|
||||
/* initializing variables */
|
||||
|
||||
if ((r = SrpHashInit(&hash, srp->type)) != 0)
|
||||
return r;
|
||||
if ((r = SrpHashInit(hash, srp->type)) != 0)
|
||||
goto out;
|
||||
|
||||
digestSz = SrpHashSize(srp->type);
|
||||
secretSz = mp_unsigned_bin_size(&srp->N);
|
||||
|
||||
if ((secretSz < clientPubKeySz) || (secretSz < serverPubKeySz))
|
||||
return BAD_FUNC_ARG;
|
||||
if ((secretSz < clientPubKeySz) || (secretSz < serverPubKeySz)) {
|
||||
r = BAD_FUNC_ARG;
|
||||
goto out;
|
||||
}
|
||||
|
||||
if ((secret = (byte*)XMALLOC(secretSz, srp->heap, DYNAMIC_TYPE_SRP)) ==NULL)
|
||||
return MEMORY_E;
|
||||
|
||||
if ((r = mp_init_multi(&u, &s, &temp1, &temp2, 0, 0)) != MP_OKAY) {
|
||||
XFREE(secret, srp->heap, DYNAMIC_TYPE_SRP);
|
||||
return r;
|
||||
if ((secret = (byte*)XMALLOC(secretSz, srp->heap, DYNAMIC_TYPE_SRP)) == NULL) {
|
||||
r = MEMORY_E;
|
||||
goto out;
|
||||
}
|
||||
|
||||
/* building u (random scrambling parameter) */
|
||||
|
||||
/* H(A) */
|
||||
for (i = 0; !r && i < secretSz - clientPubKeySz; i++)
|
||||
r = SrpHashUpdate(&hash, &pad, 1);
|
||||
if (!r) r = SrpHashUpdate(&hash, clientPubKey, clientPubKeySz);
|
||||
for (i = 0; i < secretSz - clientPubKeySz; i++) {
|
||||
if ((r = SrpHashUpdate(hash, &pad, 1)))
|
||||
goto out;
|
||||
}
|
||||
|
||||
if ((r = SrpHashUpdate(hash, clientPubKey, clientPubKeySz)))
|
||||
goto out;
|
||||
|
||||
/* H(A | B) */
|
||||
for (i = 0; !r && i < secretSz - serverPubKeySz; i++)
|
||||
r = SrpHashUpdate(&hash, &pad, 1);
|
||||
if (!r) r = SrpHashUpdate(&hash, serverPubKey, serverPubKeySz);
|
||||
for (i = 0; i < secretSz - serverPubKeySz; i++) {
|
||||
if ((r = SrpHashUpdate(hash, &pad, 1)))
|
||||
goto out;
|
||||
}
|
||||
if ((r = SrpHashUpdate(hash, serverPubKey, serverPubKeySz)))
|
||||
goto out;
|
||||
|
||||
/* set u */
|
||||
if (!r) r = SrpHashFinal(&hash, digest);
|
||||
if (!r) r = mp_read_unsigned_bin(&u, digest, SrpHashSize(srp->type));
|
||||
SrpHashFree(&hash);
|
||||
if ((r = SrpHashFinal(hash, digest)))
|
||||
goto out;
|
||||
if ((r = mp_read_unsigned_bin(u, digest, SrpHashSize(srp->type))))
|
||||
goto out;
|
||||
SrpHashFree(hash);
|
||||
|
||||
/* building s (secret) */
|
||||
|
||||
if (!r && srp->side == SRP_CLIENT_SIDE) {
|
||||
if (srp->side == SRP_CLIENT_SIDE) {
|
||||
|
||||
/* temp1 = B - k * v; rejects k == 0, B == 0 and B >= N. */
|
||||
r = mp_read_unsigned_bin(&temp1, srp->k, digestSz);
|
||||
if (!r) r = mp_iszero(&temp1) == MP_YES ? SRP_BAD_KEY_E : 0;
|
||||
if (!r) r = mp_exptmod(&srp->g, &srp->auth, &srp->N, &temp2);
|
||||
if (!r) r = mp_mulmod(&temp1, &temp2, &srp->N, &s);
|
||||
if (!r) r = mp_read_unsigned_bin(&temp2, serverPubKey, serverPubKeySz);
|
||||
if (!r) r = mp_iszero(&temp2) == MP_YES ? SRP_BAD_KEY_E : 0;
|
||||
if (!r) r = mp_cmp(&temp2, &srp->N) != MP_LT ? SRP_BAD_KEY_E : 0;
|
||||
if (!r) r = mp_submod(&temp2, &s, &srp->N, &temp1);
|
||||
if ((r = mp_read_unsigned_bin(temp1, srp->k, digestSz)))
|
||||
goto out;
|
||||
if (mp_iszero(temp1) == MP_YES) {
|
||||
r = SRP_BAD_KEY_E;
|
||||
goto out;
|
||||
}
|
||||
if ((r = mp_exptmod(&srp->g, &srp->auth, &srp->N, temp2)))
|
||||
goto out;
|
||||
if ((r = mp_mulmod(temp1, temp2, &srp->N, s)))
|
||||
goto out;
|
||||
if ((r = mp_read_unsigned_bin(temp2, serverPubKey, serverPubKeySz)))
|
||||
goto out;
|
||||
if (mp_iszero(temp2) == MP_YES) {
|
||||
r = SRP_BAD_KEY_E;
|
||||
goto out;
|
||||
}
|
||||
if (mp_cmp(temp2, &srp->N) != MP_LT) {
|
||||
r = SRP_BAD_KEY_E;
|
||||
goto out;
|
||||
}
|
||||
if ((r = mp_submod(temp2, s, &srp->N, temp1)))
|
||||
goto out;
|
||||
|
||||
/* temp2 = a + u * x */
|
||||
if (!r) r = mp_mulmod(&u, &srp->auth, &srp->N, &s);
|
||||
if (!r) r = mp_add(&srp->priv, &s, &temp2);
|
||||
if ((r = mp_mulmod(u, &srp->auth, &srp->N, s)))
|
||||
goto out;
|
||||
if ((r = mp_add(&srp->priv, s, temp2)))
|
||||
goto out;
|
||||
|
||||
/* secret = temp1 ^ temp2 % N */
|
||||
if (!r) r = mp_exptmod(&temp1, &temp2, &srp->N, &s);
|
||||
if ((r = mp_exptmod(temp1, temp2, &srp->N, s)))
|
||||
goto out;
|
||||
|
||||
} else if (!r && srp->side == SRP_SERVER_SIDE) {
|
||||
} else if (srp->side == SRP_SERVER_SIDE) {
|
||||
/* temp1 = v ^ u % N */
|
||||
r = mp_exptmod(&srp->auth, &u, &srp->N, &temp1);
|
||||
if ((r = mp_exptmod(&srp->auth, u, &srp->N, temp1)))
|
||||
goto out;
|
||||
|
||||
/* temp2 = A * temp1 % N; rejects A == 0, A >= N */
|
||||
if (!r) r = mp_read_unsigned_bin(&s, clientPubKey, clientPubKeySz);
|
||||
if (!r) r = mp_iszero(&s) == MP_YES ? SRP_BAD_KEY_E : 0;
|
||||
if (!r) r = mp_cmp(&s, &srp->N) != MP_LT ? SRP_BAD_KEY_E : 0;
|
||||
if (!r) r = mp_mulmod(&s, &temp1, &srp->N, &temp2);
|
||||
if ((r = mp_read_unsigned_bin(s, clientPubKey, clientPubKeySz)))
|
||||
goto out;
|
||||
if (mp_iszero(s) == MP_YES) {
|
||||
r = SRP_BAD_KEY_E;
|
||||
goto out;
|
||||
}
|
||||
if (mp_cmp(s, &srp->N) != MP_LT) {
|
||||
r = SRP_BAD_KEY_E;
|
||||
goto out;
|
||||
}
|
||||
if ((r = mp_mulmod(s, temp1, &srp->N, temp2)))
|
||||
goto out;
|
||||
|
||||
/* rejects A * v ^ u % N >= 1, A * v ^ u % N == -1 % N */
|
||||
if (!r) r = mp_read_unsigned_bin(&temp1, (const byte*)"\001", 1);
|
||||
if (!r) r = mp_cmp(&temp2, &temp1) != MP_GT ? SRP_BAD_KEY_E : 0;
|
||||
if (!r) r = mp_sub(&srp->N, &temp1, &s);
|
||||
if (!r) r = mp_cmp(&temp2, &s) == MP_EQ ? SRP_BAD_KEY_E : 0;
|
||||
if ((r = mp_read_unsigned_bin(temp1, (const byte*)"\001", 1)))
|
||||
goto out;
|
||||
if (mp_cmp(temp2, temp1) != MP_GT) {
|
||||
r = SRP_BAD_KEY_E;
|
||||
goto out;
|
||||
}
|
||||
if ((r = mp_sub(&srp->N, temp1, s)))
|
||||
goto out;
|
||||
if (mp_cmp(temp2, s) == MP_EQ) {
|
||||
r = SRP_BAD_KEY_E;
|
||||
goto out;
|
||||
}
|
||||
|
||||
/* secret = temp2 * b % N */
|
||||
if (!r) r = mp_exptmod(&temp2, &srp->priv, &srp->N, &s);
|
||||
if ((r = mp_exptmod(temp2, &srp->priv, &srp->N, s)))
|
||||
goto out;
|
||||
}
|
||||
|
||||
/* building session key from secret */
|
||||
|
||||
if (!r) r = mp_to_unsigned_bin(&s, secret);
|
||||
if (!r) r = srp->keyGenFunc_cb(srp, secret, mp_unsigned_bin_size(&s));
|
||||
if ((r = mp_to_unsigned_bin(s, secret)))
|
||||
goto out;
|
||||
if ((r = srp->keyGenFunc_cb(srp, secret, mp_unsigned_bin_size(s))))
|
||||
goto out;
|
||||
|
||||
/* updating client proof = H( H(N) ^ H(g) | H(user) | salt | A | B | K) */
|
||||
|
||||
if (!r) r = SrpHashUpdate(&srp->client_proof, clientPubKey, clientPubKeySz);
|
||||
if (!r) r = SrpHashUpdate(&srp->client_proof, serverPubKey, serverPubKeySz);
|
||||
if (!r) r = SrpHashUpdate(&srp->client_proof, srp->key, srp->keySz);
|
||||
if ((r = SrpHashUpdate(&srp->client_proof, clientPubKey, clientPubKeySz)))
|
||||
goto out;
|
||||
if ((r = SrpHashUpdate(&srp->client_proof, serverPubKey, serverPubKeySz)))
|
||||
goto out;
|
||||
if ((r = SrpHashUpdate(&srp->client_proof, srp->key, srp->keySz)))
|
||||
goto out;
|
||||
|
||||
/* updating server proof = H(A) */
|
||||
|
||||
if (!r) r = SrpHashUpdate(&srp->server_proof, clientPubKey, clientPubKeySz);
|
||||
r = SrpHashUpdate(&srp->server_proof, clientPubKey, clientPubKeySz);
|
||||
|
||||
XFREE(secret, srp->heap, DYNAMIC_TYPE_SRP);
|
||||
mp_clear(&u); mp_clear(&s); mp_clear(&temp1); mp_clear(&temp2);
|
||||
out:
|
||||
|
||||
if (secret) {
|
||||
ForceZero(secret, secretSz);
|
||||
XFREE(secret, srp->heap, DYNAMIC_TYPE_SRP);
|
||||
}
|
||||
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
if (hash)
|
||||
XFREE(hash, srp->heap, DYNAMIC_TYPE_SRP);
|
||||
if (digest)
|
||||
XFREE(digest, srp->heap, DYNAMIC_TYPE_SRP);
|
||||
if (u) {
|
||||
if (r != MP_INIT_E)
|
||||
mp_clear(u);
|
||||
XFREE(u, srp->heap, DYNAMIC_TYPE_SRP);
|
||||
}
|
||||
if (s) {
|
||||
if (r != MP_INIT_E)
|
||||
mp_clear(s);
|
||||
XFREE(s, srp->heap, DYNAMIC_TYPE_SRP);
|
||||
}
|
||||
if (temp1) {
|
||||
if (r != MP_INIT_E)
|
||||
mp_clear(temp1);
|
||||
XFREE(temp1, srp->heap, DYNAMIC_TYPE_SRP);
|
||||
}
|
||||
if (temp2) {
|
||||
if (r != MP_INIT_E)
|
||||
mp_clear(temp2);
|
||||
XFREE(temp2, srp->heap, DYNAMIC_TYPE_SRP);
|
||||
}
|
||||
#else
|
||||
if (r != MP_INIT_E) {
|
||||
mp_clear(u);
|
||||
mp_clear(s);
|
||||
mp_clear(temp1);
|
||||
mp_clear(temp2);
|
||||
}
|
||||
#endif
|
||||
|
||||
return r;
|
||||
}
|
||||
|
||||
+4
-4
@@ -3903,10 +3903,10 @@ void fp_rshb(fp_int *c, int x)
|
||||
fp_digit r, rr;
|
||||
fp_digit D = x;
|
||||
|
||||
/* shifting by a negative number not supported */
|
||||
if (x < 0) return;
|
||||
/* shifting by zero changes nothing */
|
||||
if (x == 0) return;
|
||||
/* shifting by a negative number not supported, and shifting by
|
||||
* zero changes nothing.
|
||||
*/
|
||||
if (x <= 0) return;
|
||||
|
||||
/* shift digits first if needed */
|
||||
if (x >= DIGIT_BIT) {
|
||||
|
||||
@@ -2476,7 +2476,7 @@ static int Pkcs11ECDSA_Verify(Pkcs11Session* session, wc_CryptoInfo* info)
|
||||
}
|
||||
|
||||
if (ret == 0) {
|
||||
sig = XMALLOC(sz * 2, info->pk.eccverify.key->heap,
|
||||
sig = (unsigned char *)XMALLOC(sz * 2, info->pk.eccverify.key->heap,
|
||||
DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (sig == NULL)
|
||||
ret = MEMORY_E;
|
||||
|
||||
@@ -700,7 +700,7 @@ XFILE z_fs_open(const char* filename, const char* perm)
|
||||
{
|
||||
XFILE file;
|
||||
|
||||
file = XMALLOC(sizeof(*file), NULL, DYNAMIC_TYPE_FILE);
|
||||
file = (XFILE)XMALLOC(sizeof(*file), NULL, DYNAMIC_TYPE_FILE);
|
||||
if (file != NULL) {
|
||||
if (fs_open(file, filename) != 0) {
|
||||
XFREE(file, NULL, DYNAMIC_TYPE_FILE);
|
||||
|
||||
+343
-154
@@ -3483,7 +3483,7 @@ static int hash_test(void)
|
||||
return -3382;
|
||||
|
||||
#if !defined(NO_CERTS) && !defined(NO_ASN)
|
||||
#if defined(WOLFSSL_MD2) && !defined(HAVE_SELFTEST)
|
||||
#if defined(WOLFSSL_MD2) && !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
|
||||
ret = wc_GetCTC_HashOID(MD2);
|
||||
if (ret == 0)
|
||||
return -3383;
|
||||
@@ -6391,7 +6391,7 @@ EVP_TEST_END:
|
||||
|
||||
#ifdef WOLFSSL_AES_128
|
||||
/* 128 key size test */
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) && !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
|
||||
ret = EVP_test(EVP_aes_128_ofb(), key2, iv2, plain2, sizeof(plain2),
|
||||
cipher2, sizeof(cipher2));
|
||||
if (ret != 0) {
|
||||
@@ -6429,7 +6429,7 @@ EVP_TEST_END:
|
||||
|
||||
#ifdef WOLFSSL_AES_192
|
||||
/* 192 key size test */
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) && !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
|
||||
ret = EVP_test(EVP_aes_192_ofb(), key3, iv3, plain3, sizeof(plain3),
|
||||
cipher3, sizeof(cipher3));
|
||||
if (ret != 0) {
|
||||
@@ -6467,7 +6467,7 @@ EVP_TEST_END:
|
||||
|
||||
#ifdef WOLFSSL_AES_256
|
||||
/* 256 key size test */
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) && !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
|
||||
ret = EVP_test(EVP_aes_256_ofb(), key1, iv1, plain1, sizeof(plain1),
|
||||
cipher1, sizeof(cipher1));
|
||||
if (ret != 0) {
|
||||
@@ -7458,7 +7458,7 @@ static int aes_xts_128_test(void)
|
||||
0xff, 0x8d, 0xbc, 0x1d, 0x9f, 0x7f, 0xc8, 0x22
|
||||
};
|
||||
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) && !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
|
||||
ret = EVP_test(EVP_aes_128_xts(), k2, i2, p2, sizeof(p2), c2, sizeof(c2));
|
||||
if (ret != 0) {
|
||||
printf("EVP_aes_128_xts failed!\n");
|
||||
@@ -7639,7 +7639,7 @@ static int aes_xts_256_test(void)
|
||||
0xc3, 0xea, 0xd8, 0x10, 0xe9, 0xc0, 0xaf, 0x92
|
||||
};
|
||||
|
||||
#ifdef OPENSSL_EXTRA
|
||||
#if defined(OPENSSL_EXTRA) && !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
|
||||
ret = EVP_test(EVP_aes_256_xts(), k2, i2, p2, sizeof(p2), c2, sizeof(c2));
|
||||
if (ret != 0) {
|
||||
printf("EVP_aes_256_xts failed\n");
|
||||
@@ -11046,7 +11046,8 @@ byte GetEntropy(ENTROPY_CMD cmd, byte* out)
|
||||
!defined(NO_ASN)
|
||||
#ifndef NO_DH
|
||||
static const char* dhParamsFile = CERT_ROOT "dh2048.der";
|
||||
#ifdef WOLFSSL_DH_EXTRA
|
||||
#if defined(WOLFSSL_DH_EXTRA) && (!defined(HAVE_FIPS) || \
|
||||
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)))
|
||||
static const char* dhKeyFile = CERT_ROOT "statickeys/dh-ffdhe2048.der";
|
||||
#endif
|
||||
#endif
|
||||
@@ -12778,7 +12779,6 @@ exit_rsa_pss:
|
||||
static int rsa_no_pad_test(void)
|
||||
{
|
||||
WC_RNG rng;
|
||||
RsaKey key;
|
||||
byte* tmp = NULL;
|
||||
size_t bytes;
|
||||
int ret;
|
||||
@@ -12791,17 +12791,18 @@ static int rsa_no_pad_test(void)
|
||||
!defined(NO_FILESYSTEM)
|
||||
XFILE file;
|
||||
#endif
|
||||
DECLARE_VAR(key, RsaKey, 1, HEAP_HINT);
|
||||
DECLARE_VAR(out, byte, RSA_TEST_BYTES, HEAP_HINT);
|
||||
DECLARE_VAR(plain, byte, RSA_TEST_BYTES, HEAP_HINT);
|
||||
|
||||
#ifdef DECLARE_VAR_IS_HEAP_ALLOC
|
||||
if ((out == NULL) || (plain == NULL))
|
||||
if ((key == NULL) || (out == NULL) || (plain == NULL))
|
||||
ERROR_OUT(MEMORY_E, exit_rsa_nopadding);
|
||||
#endif
|
||||
|
||||
/* initialize stack structures */
|
||||
XMEMSET(&rng, 0, sizeof(rng));
|
||||
XMEMSET(&key, 0, sizeof(key));
|
||||
XMEMSET(key, 0, sizeof(RsaKey));
|
||||
#ifdef USE_CERT_BUFFERS_1024
|
||||
bytes = (size_t)sizeof_client_key_der_1024;
|
||||
if (bytes < (size_t)sizeof_client_cert_der_1024)
|
||||
@@ -12846,11 +12847,11 @@ static int rsa_no_pad_test(void)
|
||||
ERROR_OUT(-7802, exit_rsa_nopadding);
|
||||
#endif /* USE_CERT_BUFFERS */
|
||||
|
||||
ret = wc_InitRsaKey_ex(&key, HEAP_HINT, devId);
|
||||
ret = wc_InitRsaKey_ex(key, HEAP_HINT, devId);
|
||||
if (ret != 0) {
|
||||
ERROR_OUT(-7803, exit_rsa_nopadding);
|
||||
}
|
||||
ret = wc_RsaPrivateKeyDecode(tmp, &idx, &key, (word32)bytes);
|
||||
ret = wc_RsaPrivateKeyDecode(tmp, &idx, key, (word32)bytes);
|
||||
if (ret != 0) {
|
||||
ERROR_OUT(-7804, exit_rsa_nopadding);
|
||||
}
|
||||
@@ -12867,16 +12868,16 @@ static int rsa_no_pad_test(void)
|
||||
}
|
||||
|
||||
#ifndef WOLFSSL_RSA_VERIFY_ONLY
|
||||
inLen = wc_RsaEncryptSize(&key);
|
||||
inLen = wc_RsaEncryptSize(key);
|
||||
outSz = inLen;
|
||||
plainSz = inLen;
|
||||
XMEMSET(tmp, 7, inLen);
|
||||
do {
|
||||
#if defined(WOLFSSL_ASYNC_CRYPT)
|
||||
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_CALL_AGAIN);
|
||||
ret = wc_AsyncWait(ret, key.asyncDev, WC_ASYNC_FLAG_CALL_AGAIN);
|
||||
#endif
|
||||
if (ret >= 0) {
|
||||
ret = wc_RsaDirect(tmp, inLen, out, &outSz, &key,
|
||||
ret = wc_RsaDirect(tmp, inLen, out, &outSz, key,
|
||||
RSA_PRIVATE_ENCRYPT, &rng);
|
||||
}
|
||||
} while (ret == WC_PENDING_E);
|
||||
@@ -12893,10 +12894,10 @@ static int rsa_no_pad_test(void)
|
||||
/* decrypt with public key and compare result */
|
||||
do {
|
||||
#if defined(WOLFSSL_ASYNC_CRYPT)
|
||||
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_CALL_AGAIN);
|
||||
ret = wc_AsyncWait(ret, key.asyncDev, WC_ASYNC_FLAG_CALL_AGAIN);
|
||||
#endif
|
||||
if (ret >= 0) {
|
||||
ret = wc_RsaDirect(out, outSz, plain, &plainSz, &key,
|
||||
ret = wc_RsaDirect(out, outSz, plain, &plainSz, key,
|
||||
RSA_PUBLIC_DECRYPT, &rng);
|
||||
}
|
||||
} while (ret == WC_PENDING_E);
|
||||
@@ -12916,7 +12917,7 @@ static int rsa_no_pad_test(void)
|
||||
ERROR_OUT(-7810, exit_rsa_nopadding);
|
||||
}
|
||||
|
||||
ret = wc_RsaSetRNG(&key, &rng);
|
||||
ret = wc_RsaSetRNG(key, &rng);
|
||||
if (ret < 0) {
|
||||
ERROR_OUT(-7811, exit_rsa_nopadding);
|
||||
}
|
||||
@@ -12926,10 +12927,10 @@ static int rsa_no_pad_test(void)
|
||||
#ifndef WOLFSSL_RSA_VERIFY_ONLY
|
||||
do {
|
||||
#if defined(WOLFSSL_ASYNC_CRYPT)
|
||||
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_CALL_AGAIN);
|
||||
ret = wc_AsyncWait(ret, key.asyncDev, WC_ASYNC_FLAG_CALL_AGAIN);
|
||||
#endif
|
||||
if (ret >= 0) {
|
||||
ret = wc_RsaPublicEncrypt_ex(tmp, inLen, out, (int)outSz, &key, &rng,
|
||||
ret = wc_RsaPublicEncrypt_ex(tmp, inLen, out, (int)outSz, key, &rng,
|
||||
WC_RSA_NO_PAD, WC_HASH_TYPE_NONE, WC_MGF1NONE, NULL, 0);
|
||||
}
|
||||
} while (ret == WC_PENDING_E);
|
||||
@@ -12942,10 +12943,10 @@ static int rsa_no_pad_test(void)
|
||||
#ifndef WOLFSSL_RSA_PUBLIC_ONLY
|
||||
do {
|
||||
#if defined(WOLFSSL_ASYNC_CRYPT)
|
||||
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_CALL_AGAIN);
|
||||
ret = wc_AsyncWait(ret, key.asyncDev, WC_ASYNC_FLAG_CALL_AGAIN);
|
||||
#endif
|
||||
if (ret >= 0) {
|
||||
ret = wc_RsaPrivateDecrypt_ex(out, outSz, plain, (int)plainSz, &key,
|
||||
ret = wc_RsaPrivateDecrypt_ex(out, outSz, plain, (int)plainSz, key,
|
||||
WC_RSA_NO_PAD, WC_HASH_TYPE_NONE, WC_MGF1NONE, NULL, 0);
|
||||
}
|
||||
} while (ret == WC_PENDING_E);
|
||||
@@ -12960,7 +12961,7 @@ static int rsa_no_pad_test(void)
|
||||
#endif /* WOLFSSL_RSA_PUBLIC_ONLY */
|
||||
|
||||
/* test some bad arguments */
|
||||
ret = wc_RsaDirect(out, outSz, plain, &plainSz, &key, -1,
|
||||
ret = wc_RsaDirect(out, outSz, plain, &plainSz, key, -1,
|
||||
&rng);
|
||||
if (ret != BAD_FUNC_ARG) {
|
||||
ERROR_OUT(-7815, exit_rsa_nopadding);
|
||||
@@ -12972,13 +12973,13 @@ static int rsa_no_pad_test(void)
|
||||
ERROR_OUT(-7816, exit_rsa_nopadding);
|
||||
}
|
||||
|
||||
ret = wc_RsaDirect(out, outSz, NULL, &plainSz, &key, RSA_PUBLIC_DECRYPT,
|
||||
ret = wc_RsaDirect(out, outSz, NULL, &plainSz, key, RSA_PUBLIC_DECRYPT,
|
||||
&rng);
|
||||
if (ret != LENGTH_ONLY_E || plainSz != inLen) {
|
||||
ERROR_OUT(-7817, exit_rsa_nopadding);
|
||||
}
|
||||
|
||||
ret = wc_RsaDirect(out, outSz - 10, plain, &plainSz, &key,
|
||||
ret = wc_RsaDirect(out, outSz - 10, plain, &plainSz, key,
|
||||
RSA_PUBLIC_DECRYPT, &rng);
|
||||
if (ret != BAD_FUNC_ARG) {
|
||||
ERROR_OUT(-7818, exit_rsa_nopadding);
|
||||
@@ -12989,10 +12990,11 @@ static int rsa_no_pad_test(void)
|
||||
ret = 0;
|
||||
|
||||
exit_rsa_nopadding:
|
||||
wc_FreeRsaKey(key);
|
||||
XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
FREE_VAR(key, HEAP_HINT);
|
||||
FREE_VAR(out, HEAP_HINT);
|
||||
FREE_VAR(plain, HEAP_HINT);
|
||||
wc_FreeRsaKey(&key);
|
||||
wc_FreeRng(&rng);
|
||||
|
||||
return ret;
|
||||
@@ -15602,15 +15604,42 @@ done:
|
||||
|
||||
static int dsa_test(void)
|
||||
{
|
||||
int ret, answer;
|
||||
int ret = 0, answer;
|
||||
word32 bytes;
|
||||
word32 idx = 0;
|
||||
byte tmp[1024];
|
||||
DsaKey key;
|
||||
WC_RNG rng;
|
||||
wc_Sha sha;
|
||||
byte hash[WC_SHA_DIGEST_SIZE];
|
||||
byte signature[40];
|
||||
#ifdef WOLFSSL_KEY_GEN
|
||||
byte* der = 0;
|
||||
#endif
|
||||
#define DSA_TEST_TMP_SIZE 1024
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
byte *tmp = (byte *)XMALLOC(DSA_TEST_TMP_SIZE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
DsaKey *key = (DsaKey *)XMALLOC(sizeof *key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#ifdef WOLFSSL_KEY_GEN
|
||||
DsaKey *derIn = (DsaKey *)XMALLOC(sizeof *derIn, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
DsaKey *genKey = (DsaKey *)XMALLOC(sizeof *genKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#endif
|
||||
if ((tmp == NULL) ||
|
||||
(key == NULL)
|
||||
#ifdef WOLFSSL_KEY_GEN
|
||||
|| (derIn == NULL)
|
||||
|| (genKey == NULL)
|
||||
#endif
|
||||
) {
|
||||
ret = -8216;
|
||||
goto out;
|
||||
}
|
||||
#else
|
||||
byte tmp[1024];
|
||||
DsaKey key[1];
|
||||
#ifdef WOLFSSL_KEY_GEN
|
||||
DsaKey derIn[1];
|
||||
DsaKey genKey[1];
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#ifdef USE_CERT_BUFFERS_1024
|
||||
XMEMCPY(tmp, dsa_key_der_1024, sizeof_dsa_key_der_1024);
|
||||
@@ -15619,112 +15648,154 @@ static int dsa_test(void)
|
||||
XMEMCPY(tmp, dsa_key_der_2048, sizeof_dsa_key_der_2048);
|
||||
bytes = sizeof_dsa_key_der_2048;
|
||||
#else
|
||||
XFILE file = XFOPEN(dsaKey, "rb");
|
||||
if (!file)
|
||||
return -8200;
|
||||
{
|
||||
XFILE file = XFOPEN(dsaKey, "rb");
|
||||
if (!file)
|
||||
ERROR_OUT(-8200, out);
|
||||
|
||||
bytes = (word32) XFREAD(tmp, 1, sizeof(tmp), file);
|
||||
XFCLOSE(file);
|
||||
bytes = (word32) XFREAD(tmp, 1, DSA_TEST_TMP_SIZE, file);
|
||||
XFCLOSE(file);
|
||||
}
|
||||
#endif /* USE_CERT_BUFFERS */
|
||||
|
||||
ret = wc_InitSha_ex(&sha, HEAP_HINT, devId);
|
||||
if (ret != 0)
|
||||
return -8201;
|
||||
ERROR_OUT(-8201, out);
|
||||
wc_ShaUpdate(&sha, tmp, bytes);
|
||||
wc_ShaFinal(&sha, hash);
|
||||
wc_ShaFree(&sha);
|
||||
|
||||
ret = wc_InitDsaKey(&key);
|
||||
if (ret != 0) return -8202;
|
||||
ret = wc_InitDsaKey(key);
|
||||
if (ret != 0)
|
||||
ERROR_OUT(-8202, out);
|
||||
|
||||
ret = wc_DsaPrivateKeyDecode(tmp, &idx, &key, bytes);
|
||||
if (ret != 0) return -8203;
|
||||
ret = wc_DsaPrivateKeyDecode(tmp, &idx, key, bytes);
|
||||
if (ret != 0)
|
||||
ERROR_OUT(-8203, out);
|
||||
|
||||
#ifndef HAVE_FIPS
|
||||
ret = wc_InitRng_ex(&rng, HEAP_HINT, devId);
|
||||
#else
|
||||
ret = wc_InitRng(&rng);
|
||||
#endif
|
||||
if (ret != 0) return -8204;
|
||||
if (ret != 0)
|
||||
ERROR_OUT(-8204, out);
|
||||
|
||||
ret = wc_DsaSign(hash, signature, &key, &rng);
|
||||
if (ret != 0) return -8205;
|
||||
ret = wc_DsaSign(hash, signature, key, &rng);
|
||||
if (ret != 0)
|
||||
ERROR_OUT(-8205, out);
|
||||
|
||||
ret = wc_DsaVerify(hash, signature, &key, &answer);
|
||||
if (ret != 0) return -8206;
|
||||
if (answer != 1) return -8207;
|
||||
ret = wc_DsaVerify(hash, signature, key, &answer);
|
||||
if (ret != 0)
|
||||
ERROR_OUT(-8206, out);
|
||||
if (answer != 1)
|
||||
ERROR_OUT(-8207, out);
|
||||
|
||||
wc_FreeDsaKey(&key);
|
||||
wc_FreeDsaKey(key);
|
||||
|
||||
#ifdef WOLFSSL_KEY_GEN
|
||||
{
|
||||
byte* der;
|
||||
int derSz = 0;
|
||||
DsaKey derIn;
|
||||
DsaKey genKey;
|
||||
|
||||
ret = wc_InitDsaKey(&genKey);
|
||||
if (ret != 0) return -8208;
|
||||
ret = wc_InitDsaKey(genKey);
|
||||
if (ret != 0)
|
||||
ERROR_OUT(-8208, out);
|
||||
|
||||
ret = wc_MakeDsaParameters(&rng, 1024, &genKey);
|
||||
ret = wc_MakeDsaParameters(&rng, 1024, genKey);
|
||||
if (ret != 0) {
|
||||
wc_FreeDsaKey(&genKey);
|
||||
return -8209;
|
||||
wc_FreeDsaKey(genKey);
|
||||
ERROR_OUT(-8209, out);
|
||||
}
|
||||
|
||||
ret = wc_MakeDsaKey(&rng, &genKey);
|
||||
ret = wc_MakeDsaKey(&rng, genKey);
|
||||
if (ret != 0) {
|
||||
wc_FreeDsaKey(&genKey);
|
||||
return -8210;
|
||||
wc_FreeDsaKey(genKey);
|
||||
ERROR_OUT(-8210, out);
|
||||
}
|
||||
|
||||
der = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (der == NULL) {
|
||||
wc_FreeDsaKey(&genKey);
|
||||
return -8211;
|
||||
wc_FreeDsaKey(genKey);
|
||||
ERROR_OUT(-8211, out);
|
||||
}
|
||||
|
||||
derSz = wc_DsaKeyToDer(&genKey, der, FOURK_BUF);
|
||||
derSz = wc_DsaKeyToDer(genKey, der, FOURK_BUF);
|
||||
if (derSz < 0) {
|
||||
XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return -8212;
|
||||
ERROR_OUT(-8212, out);
|
||||
}
|
||||
|
||||
ret = SaveDerAndPem(der, derSz, keyDerFile, keyPemFile,
|
||||
DSA_PRIVATEKEY_TYPE, -5814);
|
||||
if (ret != 0) {
|
||||
XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
wc_FreeDsaKey(&genKey);
|
||||
return ret;
|
||||
wc_FreeDsaKey(genKey);
|
||||
goto out;
|
||||
}
|
||||
|
||||
ret = wc_InitDsaKey(&derIn);
|
||||
ret = wc_InitDsaKey(derIn);
|
||||
if (ret != 0) {
|
||||
XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
wc_FreeDsaKey(&genKey);
|
||||
return -8213;
|
||||
wc_FreeDsaKey(genKey);
|
||||
ERROR_OUT(-8213, out);
|
||||
}
|
||||
|
||||
idx = 0;
|
||||
ret = wc_DsaPrivateKeyDecode(der, &idx, &derIn, derSz);
|
||||
ret = wc_DsaPrivateKeyDecode(der, &idx, derIn, derSz);
|
||||
if (ret != 0) {
|
||||
XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
wc_FreeDsaKey(&derIn);
|
||||
wc_FreeDsaKey(&genKey);
|
||||
return -8214;
|
||||
wc_FreeDsaKey(derIn);
|
||||
wc_FreeDsaKey(genKey);
|
||||
ERROR_OUT(-8214, out);
|
||||
}
|
||||
|
||||
wc_FreeDsaKey(&derIn);
|
||||
wc_FreeDsaKey(&genKey);
|
||||
XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
}
|
||||
#endif /* WOLFSSL_KEY_GEN */
|
||||
|
||||
if (wc_InitDsaKey_h(&key, NULL) != 0)
|
||||
return -8215;
|
||||
out:
|
||||
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
if (key) {
|
||||
#endif
|
||||
if (wc_InitDsaKey_h(key, NULL) != 0)
|
||||
ret = -8215;
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_KEY_GEN
|
||||
if (der)
|
||||
XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
if (tmp)
|
||||
XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (key)
|
||||
XFREE(key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#ifdef WOLFSSL_KEY_GEN
|
||||
if (derIn) {
|
||||
wc_FreeDsaKey(derIn);
|
||||
XFREE(derIn, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
}
|
||||
if (genKey) {
|
||||
wc_FreeDsaKey(genKey);
|
||||
XFREE(genKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
}
|
||||
#endif
|
||||
|
||||
#else /* !WOLFSSL_SMALL_STACK */
|
||||
|
||||
#ifdef WOLFSSL_KEY_GEN
|
||||
wc_FreeDsaKey(derIn);
|
||||
wc_FreeDsaKey(genKey);
|
||||
#endif
|
||||
|
||||
#endif
|
||||
|
||||
wc_FreeRng(&rng);
|
||||
return 0;
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
#endif /* NO_DSA */
|
||||
@@ -15750,17 +15821,12 @@ static int generate_random_salt(byte *buf, word32 size)
|
||||
|
||||
static int srp_test(void)
|
||||
{
|
||||
Srp cli, srv;
|
||||
int r;
|
||||
|
||||
byte clientPubKey[80]; /* A */
|
||||
byte serverPubKey[80]; /* B */
|
||||
word32 clientPubKeySz = 80;
|
||||
word32 serverPubKeySz = 80;
|
||||
byte clientProof[SRP_MAX_DIGEST_SIZE]; /* M1 */
|
||||
byte serverProof[SRP_MAX_DIGEST_SIZE]; /* M2 */
|
||||
word32 clientProofSz = SRP_MAX_DIGEST_SIZE;
|
||||
word32 serverProofSz = SRP_MAX_DIGEST_SIZE;
|
||||
|
||||
byte username[] = "user";
|
||||
word32 usernameSz = 4;
|
||||
@@ -15768,7 +15834,7 @@ static int srp_test(void)
|
||||
byte password[] = "password";
|
||||
word32 passwordSz = 8;
|
||||
|
||||
byte N[] = {
|
||||
static const byte N[] = {
|
||||
0xC9, 0x4D, 0x67, 0xEB, 0x5B, 0x1A, 0x23, 0x46, 0xE8, 0xAB, 0x42, 0x2F,
|
||||
0xC6, 0xA0, 0xED, 0xAE, 0xDA, 0x8C, 0x7F, 0x89, 0x4C, 0x9E, 0xEE, 0xC4,
|
||||
0x2F, 0x9E, 0xD2, 0x50, 0xFD, 0x7F, 0x00, 0x46, 0xE5, 0xAF, 0x2C, 0xF7,
|
||||
@@ -15778,7 +15844,7 @@ static int srp_test(void)
|
||||
0x03, 0x44, 0x60, 0xFA, 0xA7, 0xAD, 0xF4, 0x83
|
||||
};
|
||||
|
||||
byte g[] = {
|
||||
static const byte g[] = {
|
||||
0x02
|
||||
};
|
||||
|
||||
@@ -15787,10 +15853,32 @@ static int srp_test(void)
|
||||
byte verifier[80];
|
||||
word32 v_size = sizeof(verifier);
|
||||
|
||||
word32 clientProofSz = SRP_MAX_DIGEST_SIZE;
|
||||
word32 serverProofSz = SRP_MAX_DIGEST_SIZE;
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
Srp *cli = (Srp *)XMALLOC(sizeof *cli, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
Srp *srv = (Srp *)XMALLOC(sizeof *srv, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
byte *clientProof = (byte *)XMALLOC(SRP_MAX_DIGEST_SIZE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); /* M1 */
|
||||
byte *serverProof = (byte *)XMALLOC(SRP_MAX_DIGEST_SIZE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); /* M2 */
|
||||
|
||||
if ((cli == NULL) ||
|
||||
(srv == NULL) ||
|
||||
(clientProof == NULL) ||
|
||||
(serverProof == NULL)) {
|
||||
r = -8222;
|
||||
goto out;
|
||||
}
|
||||
#else
|
||||
Srp cli[1], srv[1];
|
||||
byte clientProof[SRP_MAX_DIGEST_SIZE]; /* M1 */
|
||||
byte serverProof[SRP_MAX_DIGEST_SIZE]; /* M2 */
|
||||
#endif
|
||||
|
||||
|
||||
/* set as 0's so if second init on srv not called SrpTerm is not on
|
||||
* garbage values */
|
||||
XMEMSET(&srv, 0, sizeof(Srp));
|
||||
XMEMSET(&cli, 0, sizeof(Srp));
|
||||
XMEMSET(srv, 0, sizeof *srv);
|
||||
XMEMSET(cli, 0, sizeof *cli);
|
||||
|
||||
/* generating random salt */
|
||||
|
||||
@@ -15799,47 +15887,60 @@ static int srp_test(void)
|
||||
/* client knows username and password. */
|
||||
/* server knows N, g, salt and verifier. */
|
||||
|
||||
if (!r) r = wc_SrpInit(&cli, SRP_TYPE_SHA, SRP_CLIENT_SIDE);
|
||||
if (!r) r = wc_SrpSetUsername(&cli, username, usernameSz);
|
||||
if (!r) r = wc_SrpInit(cli, SRP_TYPE_SHA, SRP_CLIENT_SIDE);
|
||||
if (!r) r = wc_SrpSetUsername(cli, username, usernameSz);
|
||||
|
||||
/* loading N, g and salt in advance to generate the verifier. */
|
||||
|
||||
if (!r) r = wc_SrpSetParams(&cli, N, sizeof(N),
|
||||
if (!r) r = wc_SrpSetParams(cli, N, sizeof(N),
|
||||
g, sizeof(g),
|
||||
salt, sizeof(salt));
|
||||
if (!r) r = wc_SrpSetPassword(&cli, password, passwordSz);
|
||||
if (!r) r = wc_SrpGetVerifier(&cli, verifier, &v_size);
|
||||
if (!r) r = wc_SrpSetPassword(cli, password, passwordSz);
|
||||
if (!r) r = wc_SrpGetVerifier(cli, verifier, &v_size);
|
||||
|
||||
/* client sends username to server */
|
||||
|
||||
if (!r) r = wc_SrpInit(&srv, SRP_TYPE_SHA, SRP_SERVER_SIDE);
|
||||
if (!r) r = wc_SrpSetUsername(&srv, username, usernameSz);
|
||||
if (!r) r = wc_SrpSetParams(&srv, N, sizeof(N),
|
||||
if (!r) r = wc_SrpInit(srv, SRP_TYPE_SHA, SRP_SERVER_SIDE);
|
||||
if (!r) r = wc_SrpSetUsername(srv, username, usernameSz);
|
||||
if (!r) r = wc_SrpSetParams(srv, N, sizeof(N),
|
||||
g, sizeof(g),
|
||||
salt, sizeof(salt));
|
||||
if (!r) r = wc_SrpSetVerifier(&srv, verifier, v_size);
|
||||
if (!r) r = wc_SrpGetPublic(&srv, serverPubKey, &serverPubKeySz);
|
||||
if (!r) r = wc_SrpSetVerifier(srv, verifier, v_size);
|
||||
if (!r) r = wc_SrpGetPublic(srv, serverPubKey, &serverPubKeySz);
|
||||
|
||||
/* server sends N, g, salt and B to client */
|
||||
|
||||
if (!r) r = wc_SrpGetPublic(&cli, clientPubKey, &clientPubKeySz);
|
||||
if (!r) r = wc_SrpComputeKey(&cli, clientPubKey, clientPubKeySz,
|
||||
if (!r) r = wc_SrpGetPublic(cli, clientPubKey, &clientPubKeySz);
|
||||
if (!r) r = wc_SrpComputeKey(cli, clientPubKey, clientPubKeySz,
|
||||
serverPubKey, serverPubKeySz);
|
||||
if (!r) r = wc_SrpGetProof(&cli, clientProof, &clientProofSz);
|
||||
if (!r) r = wc_SrpGetProof(cli, clientProof, &clientProofSz);
|
||||
|
||||
/* client sends A and M1 to server */
|
||||
|
||||
if (!r) r = wc_SrpComputeKey(&srv, clientPubKey, clientPubKeySz,
|
||||
if (!r) r = wc_SrpComputeKey(srv, clientPubKey, clientPubKeySz,
|
||||
serverPubKey, serverPubKeySz);
|
||||
if (!r) r = wc_SrpVerifyPeersProof(&srv, clientProof, clientProofSz);
|
||||
if (!r) r = wc_SrpGetProof(&srv, serverProof, &serverProofSz);
|
||||
if (!r) r = wc_SrpVerifyPeersProof(srv, clientProof, clientProofSz);
|
||||
if (!r) r = wc_SrpGetProof(srv, serverProof, &serverProofSz);
|
||||
|
||||
/* server sends M2 to client */
|
||||
|
||||
if (!r) r = wc_SrpVerifyPeersProof(&cli, serverProof, serverProofSz);
|
||||
if (!r) r = wc_SrpVerifyPeersProof(cli, serverProof, serverProofSz);
|
||||
|
||||
wc_SrpTerm(&cli);
|
||||
wc_SrpTerm(&srv);
|
||||
wc_SrpTerm(cli);
|
||||
wc_SrpTerm(srv);
|
||||
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
out:
|
||||
|
||||
if (cli)
|
||||
XFREE(cli, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (srv)
|
||||
XFREE(srv, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (clientProof)
|
||||
XFREE(clientProof, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (serverProof)
|
||||
XFREE(serverProof, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#endif
|
||||
|
||||
return r;
|
||||
}
|
||||
@@ -17976,16 +18077,29 @@ static int openssl_pkey1_test(void)
|
||||
EVP_PKEY_CTX* enc = NULL;
|
||||
EVP_PKEY* pubKey = NULL;
|
||||
EVP_PKEY* prvKey = NULL;
|
||||
X509* x509;
|
||||
X509* x509 = NULL;
|
||||
|
||||
const unsigned char msg[] = "sugar slapped";
|
||||
static const unsigned char msg[] = "sugar slapped";
|
||||
const unsigned char* clikey;
|
||||
unsigned char tmp[FOURK_BUF];
|
||||
long cliKeySz;
|
||||
unsigned char cipher[RSA_TEST_BYTES];
|
||||
unsigned char plain[RSA_TEST_BYTES];
|
||||
size_t outlen;
|
||||
int keyLenBits = 2048;
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
unsigned char *tmp = (unsigned char *)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
unsigned char *cipher = (unsigned char *)XMALLOC(RSA_TEST_BYTES, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
unsigned char *plain = (unsigned char *)XMALLOC(RSA_TEST_BYTES, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
|
||||
if ((tmp == NULL) ||
|
||||
(cipher == NULL) ||
|
||||
(plain == NULL)) {
|
||||
ret = -9015;
|
||||
goto openssl_pkey1_test_done;
|
||||
}
|
||||
#else
|
||||
unsigned char tmp[FOURK_BUF];
|
||||
unsigned char cipher[RSA_TEST_BYTES];
|
||||
unsigned char plain[RSA_TEST_BYTES];
|
||||
#endif
|
||||
|
||||
#if defined(USE_CERT_BUFFERS_1024)
|
||||
XMEMCPY(tmp, client_key_der_1024, sizeof_client_key_der_1024);
|
||||
@@ -18022,7 +18136,8 @@ static int openssl_pkey1_test(void)
|
||||
if (!f) {
|
||||
err_sys("can't open ./certs/client-key.der, "
|
||||
"Please run from wolfSSL home dir", -41);
|
||||
return -9000;
|
||||
ret = -9000;
|
||||
goto openssl_pkey1_test_done;
|
||||
}
|
||||
|
||||
cliKeySz = (long)XFREAD(tmp, 1, FOURK_BUF, f);
|
||||
@@ -18034,7 +18149,8 @@ static int openssl_pkey1_test(void)
|
||||
clikey = tmp;
|
||||
|
||||
if ((prvKey = EVP_PKEY_new()) == NULL) {
|
||||
return -9001;
|
||||
ret = -9001;
|
||||
goto openssl_pkey1_test_done;
|
||||
}
|
||||
EVP_PKEY_free(prvKey);
|
||||
prvKey = NULL;
|
||||
@@ -18101,14 +18217,14 @@ static int openssl_pkey1_test(void)
|
||||
}
|
||||
#endif
|
||||
|
||||
XMEMSET(cipher, 0, sizeof(cipher));
|
||||
XMEMSET(cipher, 0, RSA_TEST_BYTES);
|
||||
outlen = keyLenBits/8;
|
||||
if (EVP_PKEY_encrypt(enc, cipher, &outlen, msg, sizeof(msg)) < 0) {
|
||||
ret = -9013;
|
||||
goto openssl_pkey1_test_done;
|
||||
}
|
||||
|
||||
XMEMSET(plain, 0, sizeof(plain));
|
||||
XMEMSET(plain, 0, RSA_TEST_BYTES);
|
||||
if (EVP_PKEY_decrypt(dec, plain, &outlen, cipher, outlen) != 1) {
|
||||
ret = -9014;
|
||||
goto openssl_pkey1_test_done;
|
||||
@@ -18131,7 +18247,16 @@ openssl_pkey1_test_done:
|
||||
X509_free(x509);
|
||||
}
|
||||
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
if (tmp != NULL)
|
||||
XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (cipher != NULL)
|
||||
XFREE(cipher, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (plain != NULL)
|
||||
XFREE(plain, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#endif
|
||||
#endif
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
@@ -18330,6 +18455,9 @@ static int openssl_evpSig_test(void)
|
||||
/* Test vectors taken from RFC 7914: scrypt PBKDF - Section 12. */
|
||||
static int scrypt_test(void)
|
||||
{
|
||||
#ifdef HAVE_FIPS
|
||||
/* RFC 7914 test vector keys are too short for FIPS. */
|
||||
#else
|
||||
int ret;
|
||||
byte derived[64];
|
||||
|
||||
@@ -18420,6 +18548,8 @@ static int scrypt_test(void)
|
||||
if (XMEMCMP(derived, verify2, sizeof(verify2)) != 0)
|
||||
return -9209;
|
||||
|
||||
#endif /* !HAVE_FIPS */
|
||||
|
||||
return 0;
|
||||
}
|
||||
#endif
|
||||
@@ -19280,39 +19410,53 @@ done:
|
||||
static int ecc_test_cdh_vectors(WC_RNG* rng)
|
||||
{
|
||||
int ret;
|
||||
ecc_key pub_key, priv_key;
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
ecc_key *pub_key = (ecc_key *)XMALLOC(sizeof *pub_key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
ecc_key *priv_key = (ecc_key *)XMALLOC(sizeof *priv_key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#else
|
||||
ecc_key pub_key[1], priv_key[1];
|
||||
#endif
|
||||
byte sharedA[32] = {0}, sharedB[32] = {0};
|
||||
word32 x, z;
|
||||
|
||||
const char* QCAVSx = "700c48f77f56584c5cc632ca65640db91b6bacce3a4df6b42ce7cc838833d287";
|
||||
const char* QCAVSy = "db71e509e3fd9b060ddb20ba5c51dcc5948d46fbf640dfe0441782cab85fa4ac";
|
||||
const char* dIUT = "7d7dc5f71eb29ddaf80d6214632eeae03d9058af1fb6d22ed80badb62bc1a534";
|
||||
const char* QIUTx = "ead218590119e8876b29146ff89ca61770c4edbbf97d38ce385ed281d8a6b230";
|
||||
const char* QIUTy = "28af61281fd35e2fa7002523acc85a429cb06ee6648325389f59edfce1405141";
|
||||
const char* ZIUT = "46fc62106420ff012e54a434fbdd2d25ccc5852060561e68040dd7778997bd7b";
|
||||
static const char* QCAVSx = "700c48f77f56584c5cc632ca65640db91b6bacce3a4df6b42ce7cc838833d287";
|
||||
static const char* QCAVSy = "db71e509e3fd9b060ddb20ba5c51dcc5948d46fbf640dfe0441782cab85fa4ac";
|
||||
static const char* dIUT = "7d7dc5f71eb29ddaf80d6214632eeae03d9058af1fb6d22ed80badb62bc1a534";
|
||||
static const char* QIUTx = "ead218590119e8876b29146ff89ca61770c4edbbf97d38ce385ed281d8a6b230";
|
||||
static const char* QIUTy = "28af61281fd35e2fa7002523acc85a429cb06ee6648325389f59edfce1405141";
|
||||
static const char* ZIUT = "46fc62106420ff012e54a434fbdd2d25ccc5852060561e68040dd7778997bd7b";
|
||||
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
if ((pub_key == NULL) ||
|
||||
(priv_key == NULL)) {
|
||||
ret = MEMORY_E;
|
||||
goto done;
|
||||
}
|
||||
#endif
|
||||
|
||||
XMEMSET(pub_key, 0, sizeof *pub_key);
|
||||
XMEMSET(priv_key, 0, sizeof *priv_key);
|
||||
|
||||
/* setup private and public keys */
|
||||
ret = wc_ecc_init_ex(&pub_key, HEAP_HINT, devId);
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
ret = wc_ecc_init_ex(&priv_key, HEAP_HINT, devId);
|
||||
if (ret != 0) {
|
||||
wc_ecc_free(&pub_key);
|
||||
return ret;
|
||||
}
|
||||
wc_ecc_set_flags(&pub_key, WC_ECC_FLAG_COFACTOR);
|
||||
wc_ecc_set_flags(&priv_key, WC_ECC_FLAG_COFACTOR);
|
||||
ret = wc_ecc_import_raw(&pub_key, QCAVSx, QCAVSy, NULL, "SECP256R1");
|
||||
ret = wc_ecc_init_ex(pub_key, HEAP_HINT, devId);
|
||||
if (ret != 0)
|
||||
goto done;
|
||||
ret = wc_ecc_import_raw(&priv_key, QIUTx, QIUTy, dIUT, "SECP256R1");
|
||||
ret = wc_ecc_init_ex(priv_key, HEAP_HINT, devId);
|
||||
if (ret != 0)
|
||||
goto done;
|
||||
wc_ecc_set_flags(pub_key, WC_ECC_FLAG_COFACTOR);
|
||||
wc_ecc_set_flags(priv_key, WC_ECC_FLAG_COFACTOR);
|
||||
ret = wc_ecc_import_raw(pub_key, QCAVSx, QCAVSy, NULL, "SECP256R1");
|
||||
if (ret != 0)
|
||||
goto done;
|
||||
ret = wc_ecc_import_raw(priv_key, QIUTx, QIUTy, dIUT, "SECP256R1");
|
||||
if (ret != 0)
|
||||
goto done;
|
||||
|
||||
#if defined(ECC_TIMING_RESISTANT) && (!defined(HAVE_FIPS) || \
|
||||
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION != 2))) && \
|
||||
!defined(HAVE_SELFTEST)
|
||||
ret = wc_ecc_set_rng(&priv_key, rng);
|
||||
ret = wc_ecc_set_rng(priv_key, rng);
|
||||
if (ret != 0)
|
||||
goto done;
|
||||
#else
|
||||
@@ -19323,10 +19467,10 @@ static int ecc_test_cdh_vectors(WC_RNG* rng)
|
||||
x = sizeof(sharedA);
|
||||
do {
|
||||
#if defined(WOLFSSL_ASYNC_CRYPT)
|
||||
ret = wc_AsyncWait(ret, &priv_key.asyncDev, WC_ASYNC_FLAG_CALL_AGAIN);
|
||||
ret = wc_AsyncWait(ret, priv_key.asyncDev, WC_ASYNC_FLAG_CALL_AGAIN);
|
||||
#endif
|
||||
if (ret == 0)
|
||||
ret = wc_ecc_shared_secret(&priv_key, &pub_key, sharedA, &x);
|
||||
ret = wc_ecc_shared_secret(priv_key, pub_key, sharedA, &x);
|
||||
} while (ret == WC_PENDING_E);
|
||||
if (ret != 0) {
|
||||
goto done;
|
||||
@@ -19345,8 +19489,21 @@ static int ecc_test_cdh_vectors(WC_RNG* rng)
|
||||
}
|
||||
|
||||
done:
|
||||
wc_ecc_free(&priv_key);
|
||||
wc_ecc_free(&pub_key);
|
||||
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
if (priv_key) {
|
||||
wc_ecc_free(priv_key);
|
||||
XFREE(priv_key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
}
|
||||
if (pub_key) {
|
||||
wc_ecc_free(pub_key);
|
||||
XFREE(pub_key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
}
|
||||
#else
|
||||
wc_ecc_free(priv_key);
|
||||
wc_ecc_free(pub_key);
|
||||
#endif
|
||||
|
||||
return ret;
|
||||
}
|
||||
#endif /* HAVE_ECC_CDH */
|
||||
@@ -19807,7 +19964,8 @@ static int ecc_test_curve_size(WC_RNG* rng, int keySize, int testVerifyCount,
|
||||
DECLARE_VAR(sharedB, byte, ECC_SHARED_SIZE, HEAP_HINT);
|
||||
#endif
|
||||
#ifdef HAVE_ECC_KEY_EXPORT
|
||||
byte exportBuf[MAX_ECC_BYTES * 2 + 32];
|
||||
#define ECC_KEY_EXPORT_BUF_SIZE (MAX_ECC_BYTES * 2 + 32)
|
||||
DECLARE_VAR(exportBuf, byte, ECC_KEY_EXPORT_BUF_SIZE, HEAP_HINT);
|
||||
#endif
|
||||
word32 x = 0;
|
||||
#if (defined(HAVE_ECC_DHE) || defined(HAVE_ECC_CDH)) && \
|
||||
@@ -19841,6 +19999,11 @@ static int ecc_test_curve_size(WC_RNG* rng, int keySize, int testVerifyCount,
|
||||
ERROR_OUT(-9900, done);
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_ECC_KEY_EXPORT
|
||||
if (exportBuf == NULL)
|
||||
ERROR_OUT(-9913, done);
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_ECC_SIGN
|
||||
if ((sig == NULL) || (digest == NULL))
|
||||
ERROR_OUT(-9901, done);
|
||||
@@ -20008,7 +20171,7 @@ static int ecc_test_curve_size(WC_RNG* rng, int keySize, int testVerifyCount,
|
||||
#endif /* WOLFSSL_ATECC508A */
|
||||
|
||||
#ifdef HAVE_ECC_KEY_EXPORT
|
||||
x = sizeof(exportBuf);
|
||||
x = ECC_KEY_EXPORT_BUF_SIZE;
|
||||
ret = wc_ecc_export_x963_ex(userA, exportBuf, &x, 0);
|
||||
if (ret != 0)
|
||||
goto done;
|
||||
@@ -20044,7 +20207,7 @@ static int ecc_test_curve_size(WC_RNG* rng, int keySize, int testVerifyCount,
|
||||
|
||||
#ifdef HAVE_COMP_KEY
|
||||
/* try compressed export / import too */
|
||||
x = sizeof(exportBuf);
|
||||
x = ECC_KEY_EXPORT_BUF_SIZE;
|
||||
ret = wc_ecc_export_x963_ex(userA, exportBuf, &x, 1);
|
||||
if (ret != 0)
|
||||
goto done;
|
||||
@@ -20167,7 +20330,7 @@ static int ecc_test_curve_size(WC_RNG* rng, int keySize, int testVerifyCount,
|
||||
|
||||
#if defined(HAVE_ECC_KEY_EXPORT) && !defined(WOLFSSL_ATECC508) && \
|
||||
!defined(WOLFSSL_ATECC608A)
|
||||
x = sizeof(exportBuf);
|
||||
x = ECC_KEY_EXPORT_BUF_SIZE;
|
||||
ret = wc_ecc_export_private_only(userA, exportBuf, &x);
|
||||
if (ret != 0)
|
||||
goto done;
|
||||
@@ -20198,6 +20361,9 @@ done:
|
||||
FREE_VAR(sharedA, HEAP_HINT);
|
||||
FREE_VAR(sharedB, HEAP_HINT);
|
||||
#endif
|
||||
#ifdef HAVE_ECC_KEY_EXPORT
|
||||
FREE_VAR(exportBuf, HEAP_HINT);
|
||||
#endif
|
||||
#ifdef HAVE_ECC_SIGN
|
||||
FREE_VAR(sig, HEAP_HINT);
|
||||
FREE_VAR(digest, HEAP_HINT);
|
||||
@@ -21093,24 +21259,28 @@ static int ecc_test_custom_curves(WC_RNG* rng)
|
||||
{
|
||||
int ret;
|
||||
word32 inOutIdx;
|
||||
ecc_key key;
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
ecc_key *key = (ecc_key *)XMALLOC(sizeof *key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#else
|
||||
ecc_key key[1];
|
||||
#endif
|
||||
|
||||
/* test use of custom curve - using BRAINPOOLP256R1 for test */
|
||||
#ifndef WOLFSSL_ECC_CURVE_STATIC
|
||||
const ecc_oid_t ecc_oid_brainpoolp256r1[] = {
|
||||
static const ecc_oid_t ecc_oid_brainpoolp256r1[] = {
|
||||
0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x07
|
||||
};
|
||||
const word32 ecc_oid_brainpoolp256r1_sz =
|
||||
sizeof(ecc_oid_brainpoolp256r1) / sizeof(ecc_oid_t);
|
||||
#define ecc_oid_brainpoolp256r1_sz \
|
||||
(sizeof(ecc_oid_brainpoolp256r1) / sizeof(ecc_oid_t))
|
||||
#else
|
||||
#define ecc_oid_brainpoolp256r1 { \
|
||||
0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x07 \
|
||||
}
|
||||
#define ecc_oid_brainpoolp256r1_sz 9
|
||||
#endif
|
||||
const word32 ecc_oid_brainpoolp256r1_sum = 104;
|
||||
#define ecc_oid_brainpoolp256r1_sum 104
|
||||
|
||||
const ecc_set_type ecc_dp_brainpool256r1 = {
|
||||
static const ecc_set_type ecc_dp_brainpool256r1 = {
|
||||
32, /* size/bytes */
|
||||
ECC_CURVE_CUSTOM, /* ID */
|
||||
"BRAINPOOLP256R1", /* curve name */
|
||||
@@ -21126,11 +21296,20 @@ static int ecc_test_custom_curves(WC_RNG* rng)
|
||||
1, /* cofactor */
|
||||
};
|
||||
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
if (! key) {
|
||||
ret = MEMORY_E;
|
||||
goto done;
|
||||
}
|
||||
#endif
|
||||
|
||||
XMEMSET(key, 0, sizeof *key);
|
||||
|
||||
ret = ecc_test_curve_size(rng, 0, ECC_TEST_VERIFY_COUNT, ECC_CURVE_DEF,
|
||||
&ecc_dp_brainpool256r1);
|
||||
if (ret != 0) {
|
||||
printf("ECC test for custom curve failed! %d\n", ret);
|
||||
return ret;
|
||||
goto done;
|
||||
}
|
||||
|
||||
#if defined(HAVE_ECC_BRAINPOOL) || defined(HAVE_ECC_KOBLITZ)
|
||||
@@ -21145,23 +21324,33 @@ static int ecc_test_custom_curves(WC_RNG* rng)
|
||||
ret = ecc_test_curve_size(rng, 0, ECC_TEST_VERIFY_COUNT, curve_id, NULL);
|
||||
if (ret < 0) {
|
||||
printf("ECC test for curve_id %d failed! %d\n", curve_id, ret);
|
||||
return ret;
|
||||
goto done;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
ret = wc_ecc_init_ex(&key, HEAP_HINT, devId);
|
||||
ret = wc_ecc_init_ex(key, HEAP_HINT, devId);
|
||||
if (ret != 0) {
|
||||
return -10120;
|
||||
ret = -10120;
|
||||
goto done;
|
||||
}
|
||||
|
||||
inOutIdx = 0;
|
||||
ret = wc_EccPublicKeyDecode(eccKeyExplicitCurve, &inOutIdx, &key,
|
||||
ret = wc_EccPublicKeyDecode(eccKeyExplicitCurve, &inOutIdx, key,
|
||||
sizeof(eccKeyExplicitCurve));
|
||||
if (ret != 0)
|
||||
return -10121;
|
||||
ret = -10121;
|
||||
|
||||
wc_ecc_free(&key);
|
||||
done:
|
||||
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
if (key) {
|
||||
wc_ecc_free(key);
|
||||
XFREE(key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
}
|
||||
#else
|
||||
wc_ecc_free(key);
|
||||
#endif
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
+1
-26
@@ -42,32 +42,7 @@
|
||||
* OpenSSL compatibility layer. This makes code working with an AES structure
|
||||
* to need the size of the structure. */
|
||||
typedef struct WOLFSSL_AES_KEY {
|
||||
/* aligned and big enough for Aes from wolfssl/wolfcrypt/aes.h */
|
||||
ALIGN16 void* holder[(376 + WC_ASYNC_DEV_SIZE)/ sizeof(void*)];
|
||||
#ifdef GCM_TABLE
|
||||
/* key-based fast multiplication table. */
|
||||
ALIGN16 void* M0[4096 / sizeof(void*)];
|
||||
#elif defined(GCM_TABLE_4BIT)
|
||||
#if !defined(WORD64_AVAILABLE) || defined(BIG_ENDIAN_ORDER)
|
||||
ALIGN16 byte M0[16][AES_BLOCK_SIZE];
|
||||
#else
|
||||
ALIGN16 byte M0[32][AES_BLOCK_SIZE];
|
||||
#endif
|
||||
#endif /* GCM_TABLE */
|
||||
#if defined(WOLFSSL_DEVCRYPTO) && \
|
||||
(defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC))
|
||||
/* large enough for additional devcrypto information */
|
||||
void* devKey[288 / sizeof(void*)];
|
||||
#endif
|
||||
#ifdef WOLFSSL_AFALG
|
||||
void* afalg_holder[288 / sizeof(void*)];
|
||||
#endif
|
||||
#ifdef HAVE_PKCS11
|
||||
void* pkcs11_holder[(AES_MAX_ID_LEN + sizeof(int)) / sizeof(void*)];
|
||||
#endif
|
||||
#if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_CB)
|
||||
void* async_holder[128 / sizeof(void*)];
|
||||
#endif
|
||||
ALIGN16 void *buf[(sizeof(Aes) / sizeof(void *)) + 1];
|
||||
} WOLFSSL_AES_KEY;
|
||||
typedef WOLFSSL_AES_KEY AES_KEY;
|
||||
|
||||
|
||||
@@ -49,7 +49,7 @@ typedef struct WOLFSSL_BIGNUM {
|
||||
|
||||
|
||||
#define BN_ULONG WOLFSSL_BN_ULONG
|
||||
#define WOLFSSL_BN_ULONG mp_digit
|
||||
#define WOLFSSL_BN_ULONG unsigned long
|
||||
|
||||
typedef struct WOLFSSL_BN_CTX WOLFSSL_BN_CTX;
|
||||
typedef struct WOLFSSL_BN_GENCB WOLFSSL_BN_GENCB;
|
||||
@@ -113,7 +113,7 @@ WOLFSSL_API int wolfSSL_BN_add_word(WOLFSSL_BIGNUM*, WOLFSSL_BN_ULONG);
|
||||
WOLFSSL_API int wolfSSL_BN_set_bit(WOLFSSL_BIGNUM*, int);
|
||||
WOLFSSL_API int wolfSSL_BN_clear_bit(WOLFSSL_BIGNUM*, int);
|
||||
WOLFSSL_API int wolfSSL_BN_set_word(WOLFSSL_BIGNUM*, WOLFSSL_BN_ULONG);
|
||||
WOLFSSL_API unsigned long wolfSSL_BN_get_word(const WOLFSSL_BIGNUM*);
|
||||
WOLFSSL_API WOLFSSL_BN_ULONG wolfSSL_BN_get_word(const WOLFSSL_BIGNUM*);
|
||||
|
||||
WOLFSSL_API int wolfSSL_BN_add(WOLFSSL_BIGNUM*, WOLFSSL_BIGNUM*,
|
||||
WOLFSSL_BIGNUM*);
|
||||
|
||||
@@ -2052,12 +2052,6 @@ struct stack_size_debug_context {
|
||||
* CFLAGS='-g -DHAVE_STACK_SIZE_VERBOSE' ./configure --enable-stacksize [...]
|
||||
*/
|
||||
|
||||
extern THREAD_LS_T unsigned char *StackSizeCheck_myStack;
|
||||
extern THREAD_LS_T size_t StackSizeCheck_stackSize;
|
||||
extern THREAD_LS_T size_t StackSizeCheck_stackSizeHWM;
|
||||
extern THREAD_LS_T size_t *StackSizeCheck_stackSizeHWM_ptr;
|
||||
extern THREAD_LS_T void *StackSizeCheck_stackOffsetPointer;
|
||||
|
||||
static void *debug_stack_size_verbose_shim(struct stack_size_debug_context *shim_args) {
|
||||
StackSizeCheck_myStack = shim_args->myStack;
|
||||
StackSizeCheck_stackSize = shim_args->stackSize;
|
||||
|
||||
@@ -191,6 +191,14 @@ WOLFSSL_API void wolfSSL_Debugging_OFF(void);
|
||||
#define WOLFSSL_ERROR_MSG(m)
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_STACK_SIZE_VERBOSE
|
||||
extern WOLFSSL_API THREAD_LS_T unsigned char *StackSizeCheck_myStack;
|
||||
extern WOLFSSL_API THREAD_LS_T size_t StackSizeCheck_stackSize;
|
||||
extern WOLFSSL_API THREAD_LS_T size_t StackSizeCheck_stackSizeHWM;
|
||||
extern WOLFSSL_API THREAD_LS_T size_t *StackSizeCheck_stackSizeHWM_ptr;
|
||||
extern WOLFSSL_API THREAD_LS_T void *StackSizeCheck_stackOffsetPointer;
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
@@ -2157,12 +2157,6 @@ extern void uITRON4_free(void *p) ;
|
||||
#ifndef WOLFSSL_SP_DIV_WORD_HALF
|
||||
#define WOLFSSL_SP_DIV_WORD_HALF
|
||||
#endif
|
||||
#ifndef SP_HALF_SIZE
|
||||
#define SP_HALF_SIZE 32
|
||||
#endif
|
||||
#ifndef SP_HALF_MAX
|
||||
#define SP_HALF_MAX 4294967295U
|
||||
#endif
|
||||
#endif
|
||||
|
||||
|
||||
|
||||
@@ -90,7 +90,7 @@ enum {
|
||||
#else
|
||||
|
||||
/* Sha3 digest */
|
||||
struct Sha3 {
|
||||
struct wc_Sha3 {
|
||||
/* State data that is processed for each block. */
|
||||
word64 s[25];
|
||||
/* Unprocessed message data. */
|
||||
@@ -109,7 +109,7 @@ struct Sha3 {
|
||||
};
|
||||
|
||||
#ifndef WC_SHA3_TYPE_DEFINED
|
||||
typedef struct Sha3 wc_Sha3;
|
||||
typedef struct wc_Sha3 wc_Sha3;
|
||||
#define WC_SHA3_TYPE_DEFINED
|
||||
#endif
|
||||
|
||||
|
||||
@@ -31,6 +31,10 @@ This library provides single precision (SP) integer math functions.
|
||||
#include <limits.h>
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/* Find smallest type for smallest bits. */
|
||||
#if UCHAR_MAX == 255
|
||||
#define SP_UCHAR_BITS 8
|
||||
@@ -889,5 +893,8 @@ WOLFSSL_API word32 CheckRunTimeFastMath(void);
|
||||
|
||||
#endif
|
||||
|
||||
#endif /* WOLF_CRYPT_SP_H */
|
||||
#ifdef __cplusplus
|
||||
} /* extern "C" */
|
||||
#endif
|
||||
|
||||
#endif /* WOLF_CRYPT_SP_H */
|
||||
|
||||
@@ -124,6 +124,27 @@
|
||||
|
||||
_Pragma("GCC diagnostic pop");
|
||||
|
||||
/* Linux headers define these using C expressions, but we need
|
||||
* them to be evaluable by the preprocessor, for use in sp_int.h.
|
||||
*/
|
||||
_Static_assert(sizeof(ULONG_MAX) == 8, "WOLFSSL_LINUXKM supported only on targets with 64 bit long words.");
|
||||
#undef UCHAR_MAX
|
||||
#define UCHAR_MAX 255
|
||||
#undef USHRT_MAX
|
||||
#define USHRT_MAX 65535
|
||||
#undef UINT_MAX
|
||||
#define UINT_MAX 4294967295U
|
||||
#undef ULONG_MAX
|
||||
#define ULONG_MAX 18446744073709551615UL
|
||||
#undef ULLONG_MAX
|
||||
#define ULLONG_MAX ULONG_MAX
|
||||
#undef INT_MAX
|
||||
#define INT_MAX 2147483647
|
||||
#undef LONG_MAX
|
||||
#define LONG_MAX 9223372036854775807L
|
||||
#undef LLONG_MAX
|
||||
#define LLONG_MAX LONG_MAX
|
||||
|
||||
/* remove this multifariously conflicting macro, picked up from
|
||||
* Linux arch/<arch>/include/asm/current.h.
|
||||
*/
|
||||
|
||||
Reference in New Issue
Block a user