Merge remote-tracking branch 'upstream/master' into gh7197
@@ -63,6 +63,8 @@ jobs:
|
||||
'--enable-coding=no',
|
||||
'--enable-dtls --enable-dtls13 --enable-ocspstapling --enable-ocspstapling2
|
||||
--enable-cert-setup-cb --enable-sessioncerts',
|
||||
'--enable-dtls --enable-dtls13 --enable-tls13
|
||||
CPPFLAGS=-DWOLFSSL_TLS13_IGNORE_PT_ALERT_ON_ENC',
|
||||
'--disable-sni --disable-ecc --disable-tls13 --disable-secure-renegotiation-info',
|
||||
'CPPFLAGS=-DWOLFSSL_BLIND_PRIVATE_KEY',
|
||||
'--enable-all --enable-certgencache',
|
||||
|
||||
@@ -101,7 +101,7 @@ jobs:
|
||||
# Retry up to five times
|
||||
for i in {1..5}; do
|
||||
TEST_RES=0
|
||||
LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$GITHUB_WORKSPACE/build-dir/lib make check || TEST_RES=$?
|
||||
LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$GITHUB_WORKSPACE/build-dir/lib RNGD_JITTER_TIMEOUT=100 make check || TEST_RES=$?
|
||||
if [ "$TEST_RES" -eq "0" ]; then
|
||||
break
|
||||
fi
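Review bot: The new `RNGD_JITTER_TIMEOUT=100` on the retried `make check` line is not explained anywhere in the workflow, and nothing on this page says what the value bounds or why 100 was chosen; it looks like a jitter-entropy timeout read by the test RNG, but that is an inference. Because the command sits inside a five-attempt retry loop, a too-tight timeout would surface as a flaky-then-passing run rather than a visible failure, so the number deserves a comment above the loop such as `# RNGD_JITTER_TIMEOUT: bounds the jitter-entropy wait in the tests (confirm where it is read); keep in sync with the test harness`. The enclosing job step starts before this hunk.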
|
||||
|
||||
@@ -653,6 +653,7 @@ WOLFSSL_AESNI_BY6
|
||||
WOLFSSL_AES_CTR_EXAMPLE
|
||||
WOLFSSL_AFTER_DATE_CLOCK_SKEW
|
||||
WOLFSSL_ALGO_HW_MUTEX
|
||||
WOLFSSL_ALLOW_AKID_SKID_MATCH
|
||||
WOLFSSL_ALLOW_BAD_TLS_LEGACY_VERSION
|
||||
WOLFSSL_ALLOW_CRIT_AIA
|
||||
WOLFSSL_ALLOW_CRIT_AKID
|
||||
@@ -902,6 +903,7 @@ WOLFSSL_TICKET_ENC_HMAC_SHA512
|
||||
WOLFSSL_TI_CURRTIME
|
||||
WOLFSSL_TLS13_DRAFT
|
||||
WOLFSSL_TLS13_IGNORE_AEAD_LIMITS
|
||||
WOLFSSL_TLS13_IGNORE_PT_ALERT_ON_ENC
|
||||
WOLFSSL_TLS13_SHA512
|
||||
WOLFSSL_TLS13_TICKET_BEFORE_FINISHED
|
||||
WOLFSSL_TLSX_PQC_MLKEM_STORE_PRIV_KEY
|
||||
@@ -1028,6 +1030,7 @@ __MWERKS__
|
||||
__NT__
|
||||
__OS2__
|
||||
__OpenBSD__
|
||||
__PIC__
|
||||
__PIE__
|
||||
__POWERPC__
|
||||
__PPC__
|
||||
|
||||
+11
-4
@@ -10111,10 +10111,7 @@ fi
|
||||
|
||||
if test "x$ENABLED_SYS_CA_CERTS" = "xyes"
|
||||
then
|
||||
if test "x$ENABLED_FILESYSTEM" = "xno"
|
||||
then
|
||||
ENABLED_SYS_CA_CERTS="no"
|
||||
elif test "x$ENABLED_CERTS" = "xno"
|
||||
if test "x$ENABLED_CERTS" = "xno"
|
||||
then
|
||||
ENABLED_SYS_CA_CERTS="no"
|
||||
fi
|
||||
@@ -10146,6 +10143,16 @@ then
|
||||
AC_MSG_ERROR([Unable to find Apple Security.framework headers])
|
||||
])
|
||||
;;
|
||||
mingw*)
|
||||
;;
|
||||
*)
|
||||
# Only disable on no filesystem non Mac/Windows, as Mac and Windows
|
||||
# depend on APIs which don't need filesystem support enabled in wolfSSL.
|
||||
if test "x$ENABLED_FILESYSTEM" = "xno"
|
||||
then
|
||||
ENABLED_SYS_CA_CERTS="no"
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
fi
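Review bot: The new `*)` branch silently sets `ENABLED_SYS_CA_CERTS="no"` when filesystem support is off, so a user who explicitly passed `--enable-sys-ca-certs` together with `--disable-filesystem` gets a build without `wolfSSL_CTX_load_system_CA_certs` and no hint at configure time; the reworked `ENABLED_CERTS` check in the first hunk has the same silent downgrade. I would emit `AC_MSG_WARN([System CA certs disabled: requires filesystem support on this platform])` at the point of downgrade so the missing trust store shows up in the configure log rather than as a later link error. The empty `mingw*)` case assumes a MinGW build takes the `USE_WINDOWS_API` store path in ssl_load.c; if that is not the case for every MinGW toolchain, such a host keeps `ENABLED_SYS_CA_CERTS=yes` without a filesystem and the Unix loader is not compiled — worth confirming.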
|
||||
|
||||
|
||||
@@ -14418,8 +14418,7 @@ int wolfSSL_set_max_early_data(WOLFSSL* ssl, unsigned int sz);
|
||||
\ingroup IO
|
||||
|
||||
\brief This function writes early data to the server on resumption.
|
||||
Call this function instead of wolfSSL_connect() or wolfSSL_connect_TLSv13()
|
||||
to connect to the server and send the data in the handshake.
|
||||
Call this function before wolfSSL_connect() or wolfSSL_connect_TLSv13().
|
||||
This function is only used with clients.
|
||||
|
||||
\param [in,out] ssl a pointer to a WOLFSSL structure, created using wolfSSL_new().
|
||||
@@ -14431,7 +14430,7 @@ int wolfSSL_set_max_early_data(WOLFSSL* ssl, unsigned int sz);
|
||||
not using TLSv1.3.
|
||||
\return SIDE_ERROR if called with a server.
|
||||
\return WOLFSSL_FATAL_ERROR if the connection is not made.
|
||||
\return WOLFSSL_SUCCESS if successful.
|
||||
\return the amount of early data written in bytes if successful.
|
||||
|
||||
_Example_
|
||||
\code
|
||||
@@ -14444,7 +14443,7 @@ int wolfSSL_set_max_early_data(WOLFSSL* ssl, unsigned int sz);
|
||||
...
|
||||
|
||||
ret = wolfSSL_write_early_data(ssl, earlyData, sizeof(earlyData), &outSz);
|
||||
if (ret != WOLFSSL_SUCCESS) {
|
||||
if (ret < 0) {
|
||||
err = wolfSSL_get_error(ssl, ret);
|
||||
printf(“error = %d, %s\n”, err, wolfSSL_ERR_error_string(err, buffer));
|
||||
goto err_label;
|
||||
|
||||
+62
-39
@@ -3038,7 +3038,7 @@ void FreeSSL_Ctx(WOLFSSL_CTX* ctx)
|
||||
!defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && !defined(NO_TLS)
|
||||
TicketEncCbCtx_Free(&ctx->ticketKeyCtx);
|
||||
#endif
|
||||
wolfSSL_RefFree(&ctx->ref);
|
||||
wolfSSL_RefWithMutexFree(&ctx->ref);
|
||||
XFREE(ctx, heap, DYNAMIC_TYPE_CTX);
|
||||
}
|
||||
else {
|
||||
@@ -21697,20 +21697,20 @@ static int DoAlert(WOLFSSL* ssl, byte* input, word32* inOutIdx, int* type)
|
||||
byte code;
|
||||
word32 dataSz = (word32)ssl->curSize;
|
||||
|
||||
#if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA)
|
||||
if (ssl->hsInfoOn)
|
||||
AddPacketName(ssl, "Alert");
|
||||
if (ssl->toInfoOn) {
|
||||
/* add record header back on to info + alert bytes level/code */
|
||||
int ret = AddPacketInfo(ssl, "Alert", alert, input + *inOutIdx,
|
||||
ALERT_SIZE, READ_PROTO, RECORD_HEADER_SZ, ssl->heap);
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
#ifdef WOLFSSL_CALLBACKS
|
||||
AddLateRecordHeader(&ssl->curRL, &ssl->timeoutInfo);
|
||||
#endif
|
||||
}
|
||||
#endif
|
||||
#if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA)
|
||||
if (ssl->hsInfoOn)
|
||||
AddPacketName(ssl, "Alert");
|
||||
if (ssl->toInfoOn) {
|
||||
/* add record header back on to info + alert bytes level/code */
|
||||
int ret = AddPacketInfo(ssl, "Alert", alert, input + *inOutIdx,
|
||||
ALERT_SIZE, READ_PROTO, RECORD_HEADER_SZ, ssl->heap);
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
#ifdef WOLFSSL_CALLBACKS
|
||||
AddLateRecordHeader(&ssl->curRL, &ssl->timeoutInfo);
|
||||
#endif
|
||||
}
|
||||
#endif
|
||||
|
||||
if (IsEncryptionOn(ssl, 0))
|
||||
dataSz -= ssl->keys.padSz;
|
||||
@@ -21725,11 +21725,18 @@ static int DoAlert(WOLFSSL* ssl, byte* input, word32* inOutIdx, int* type)
|
||||
|
||||
level = input[(*inOutIdx)++];
|
||||
code = input[(*inOutIdx)++];
|
||||
ssl->alert_history.last_rx.code = code;
|
||||
ssl->alert_history.last_rx.level = level;
|
||||
*type = code;
|
||||
if (level == alert_fatal) {
|
||||
ssl->options.isClosed = 1; /* Don't send close_notify */
|
||||
#ifdef WOLFSSL_TLS13_IGNORE_PT_ALERT_ON_ENC
|
||||
/* Don't process alert when TLS 1.3 and encrypting but plaintext alert. */
|
||||
if (!IsAtLeastTLSv1_3(ssl->version) || !IsEncryptionOn(ssl, 0) ||
|
||||
ssl->keys.decryptedCur)
|
||||
#endif
|
||||
{
|
||||
ssl->alert_history.last_rx.code = code;
|
||||
ssl->alert_history.last_rx.level = level;
|
||||
if (level == alert_fatal) {
|
||||
ssl->options.isClosed = 1; /* Don't send close_notify */
|
||||
}
|
||||
}
|
||||
|
||||
if (++ssl->options.alertCount >= WOLFSSL_ALERT_COUNT_MAX) {
|
||||
@@ -21743,20 +21750,35 @@ static int DoAlert(WOLFSSL* ssl, byte* input, word32* inOutIdx, int* type)
|
||||
}
|
||||
|
||||
LogAlert(*type);
|
||||
if (*type == close_notify) {
|
||||
ssl->options.closeNotify = 1;
|
||||
if (IsAtLeastTLSv1_3(ssl->version) && IsEncryptionOn(ssl, 0) &&
|
||||
!ssl->keys.decryptedCur)
|
||||
{
|
||||
#ifdef WOLFSSL_TLS13_IGNORE_PT_ALERT_ON_ENC
|
||||
/* Ignore alert if TLS 1.3 and encrypting but was plaintext alert. */
|
||||
*type = invalid_alert;
|
||||
level = alert_none;
|
||||
|
||||
#else
|
||||
/* Unexpected message when encryption is on and alert not encrypted. */
|
||||
SendAlert(ssl, alert_fatal, unexpected_message);
|
||||
WOLFSSL_ERROR_VERBOSE(PARSE_ERROR);
|
||||
return PARSE_ERROR;
|
||||
#endif
|
||||
}
|
||||
else {
|
||||
/*
|
||||
* A close_notify alert doesn't mean there's been an error, so we only
|
||||
* add other types of alerts to the error queue
|
||||
*/
|
||||
WOLFSSL_ERROR(*type);
|
||||
if (*type == close_notify) {
|
||||
ssl->options.closeNotify = 1;
|
||||
}
|
||||
else {
|
||||
/*
|
||||
* A close_notify alert doesn't mean there's been an error, so we
|
||||
* only add other types of alerts to the error queue
|
||||
*/
|
||||
WOLFSSL_ERROR(*type);
|
||||
}
|
||||
}
|
||||
|
||||
if (IsEncryptionOn(ssl, 0)) {
|
||||
if (IsEncryptionOn(ssl, 0))
|
||||
*inOutIdx += ssl->keys.padSz;
|
||||
}
|
||||
|
||||
return level;
|
||||
}
|
||||
@@ -22507,7 +22529,8 @@ default:
|
||||
#ifdef WOLFSSL_TLS13
|
||||
if (IsAtLeastTLSv1_3(ssl->version) && IsEncryptionOn(ssl, 0) &&
|
||||
ssl->curRL.type != application_data &&
|
||||
ssl->curRL.type != change_cipher_spec) {
|
||||
ssl->curRL.type != change_cipher_spec &&
|
||||
ssl->curRL.type != alert) {
|
||||
SendAlert(ssl, alert_fatal, unexpected_message);
|
||||
WOLFSSL_ERROR_VERBOSE(PARSE_ERROR);
|
||||
return PARSE_ERROR;
|
||||
@@ -22615,9 +22638,9 @@ default:
|
||||
case decryptMessage:
|
||||
|
||||
if (IsEncryptionOn(ssl, 0) && ssl->keys.decryptedCur == 0 &&
|
||||
(!IsAtLeastTLSv1_3(ssl->version) ||
|
||||
ssl->curRL.type != change_cipher_spec))
|
||||
{
|
||||
(!IsAtLeastTLSv1_3(ssl->version) ||
|
||||
(ssl->curRL.type != change_cipher_spec &&
|
||||
ssl->curRL.type != alert))) {
|
||||
ret = DoDecrypt(ssl);
|
||||
#ifdef WOLFSSL_ASYNC_CRYPT
|
||||
if (ret == WC_NO_ERR_TRACE(WC_PENDING_E))
|
||||
@@ -22694,9 +22717,9 @@ default:
|
||||
case verifyMessage:
|
||||
|
||||
if (IsEncryptionOn(ssl, 0) && ssl->keys.decryptedCur == 0 &&
|
||||
(!IsAtLeastTLSv1_3(ssl->version) ||
|
||||
ssl->curRL.type != change_cipher_spec))
|
||||
{
|
||||
(!IsAtLeastTLSv1_3(ssl->version) ||
|
||||
(ssl->curRL.type != change_cipher_spec &&
|
||||
ssl->curRL.type != alert))) {
|
||||
if (!atomicUser
|
||||
#if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY)
|
||||
&& !ssl->options.startedETMRead
|
||||
@@ -42234,11 +42257,11 @@ static int DisplaySecTrustError(CFErrorRef error, SecTrustRef trust)
|
||||
/* Description */
|
||||
desc = CFErrorCopyDescription(error);
|
||||
if (desc) {
|
||||
char buffer[256];
|
||||
if (CFStringGetCString(desc, buffer, sizeof(buffer),
|
||||
char buf[256];
|
||||
if (CFStringGetCString(desc, buf, sizeof(buf),
|
||||
kCFStringEncodingUTF8)) {
|
||||
WOLFSSL_MSG_EX("SecTrustEvaluateWithError Error description: %s\n",
|
||||
buffer);
|
||||
buf);
|
||||
}
|
||||
CFRelease(desc);
|
||||
}
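Review bot: In the DoAlert hunks, the new TLS 1.3 plaintext-alert path (`IsEncryptionOn()` true and `ssl->keys.decryptedCur` 0) still runs `dataSz -= ssl->keys.padSz` near the top and `*inOutIdx += ssl->keys.padSz` at the bottom, but a record that the decryptMessage/verifyMessage changes now route around DoDecrypt never had `padSz` computed for it, so unless something outside this diff zeroes it the previous record's pad is subtracted from a two-byte alert and the index is advanced past its end. I would gate both on the record having actually been decrypted, `if (IsEncryptionOn(ssl, 0) && ssl->keys.decryptedCur)`, or confirm that the record layer resets `padSz` when it bypasses decryption for an outer-type `alert` record. Note also that `LogAlert(*type)` and the `alertCount` increment run before the `WOLFSSL_TLS13_IGNORE_PT_ALERT_ON_ENC` branch discards the alert, which keeps the flood limit effective but means an injected plaintext alert is still logged as received; a comment stating that ordering is intentional would help the next reader. DoAlert starts before the first of its two hunks, and the ProcessReplyEx change that lets outer-type `alert` records through while encryption is on is what makes this path reachable.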
|
||||
|
||||
+31
-18
@@ -4847,18 +4847,25 @@ static int DecryptDo(WOLFSSL* ssl, byte* plain, const byte* input,
|
||||
XMEMCPY(ssl->decrypt.nonce, ssl->keys.aead_dec_imp_IV, AESGCM_IMP_IV_SZ);
|
||||
XMEMCPY(ssl->decrypt.nonce + AESGCM_IMP_IV_SZ, input, AESGCM_EXP_IV_SZ);
|
||||
|
||||
if ((ret = aes_auth_fn(ssl->decrypt.aes,
|
||||
plain,
|
||||
input + AESGCM_EXP_IV_SZ,
|
||||
sz - AESGCM_EXP_IV_SZ - ssl->specs.aead_mac_size,
|
||||
ssl->decrypt.nonce, AESGCM_NONCE_SZ,
|
||||
ssl->decrypt.additional, AEAD_AUTH_DATA_SZ,
|
||||
NULL, 0)) < 0) {
|
||||
#ifdef WOLFSSL_ASYNC_CRYPT
|
||||
if (ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
|
||||
ret = wolfSSL_AsyncPush(ssl, &ssl->decrypt.aes->asyncDev);
|
||||
if (sz < AESGCM_EXP_IV_SZ + ssl->specs.aead_mac_size) {
|
||||
ret = BUFFER_ERROR;
|
||||
}
|
||||
|
||||
if (ret == 0) {
|
||||
ret = aes_auth_fn(ssl->decrypt.aes,
|
||||
plain,
|
||||
input + AESGCM_EXP_IV_SZ,
|
||||
sz - AESGCM_EXP_IV_SZ - ssl->specs.aead_mac_size,
|
||||
ssl->decrypt.nonce, AESGCM_NONCE_SZ,
|
||||
ssl->decrypt.additional, AEAD_AUTH_DATA_SZ,
|
||||
NULL, 0);
|
||||
if (ret < 0) {
|
||||
#ifdef WOLFSSL_ASYNC_CRYPT
|
||||
if (ret == WC_NO_ERR_TRACE(WC_PENDING_E)) {
|
||||
ret = wolfSSL_AsyncPush(ssl, &ssl->decrypt.aes->asyncDev);
|
||||
}
|
||||
#endif
|
||||
}
|
||||
#endif
|
||||
}
|
||||
}
|
||||
break;
|
||||
@@ -4866,13 +4873,19 @@ static int DecryptDo(WOLFSSL* ssl, byte* plain, const byte* input,
|
||||
|
||||
#ifdef HAVE_ARIA
|
||||
case wolfssl_aria_gcm:
|
||||
ret = wc_AriaDecrypt(ssl->decrypt.aria,
|
||||
plain,
|
||||
(byte *)input + AESGCM_EXP_IV_SZ,
|
||||
sz - AESGCM_EXP_IV_SZ - ssl->specs.aead_mac_size,
|
||||
ssl->decrypt.nonce, AESGCM_NONCE_SZ,
|
||||
ssl->decrypt.additional, ssl->specs.aead_mac_size,
|
||||
NULL, 0);
|
||||
if (sz < AESGCM_EXP_IV_SZ + ssl->specs.aead_mac_size) {
|
||||
ret = BUFFER_ERROR;
|
||||
}
|
||||
|
||||
if (ret == 0) {
|
||||
ret = wc_AriaDecrypt(ssl->decrypt.aria,
|
||||
plain,
|
||||
(byte *)input + AESGCM_EXP_IV_SZ,
|
||||
sz - AESGCM_EXP_IV_SZ - ssl->specs.aead_mac_size,
|
||||
ssl->decrypt.nonce, AESGCM_NONCE_SZ,
|
||||
ssl->decrypt.additional, ssl->specs.aead_mac_size,
|
||||
NULL, 0);
|
||||
}
|
||||
break;
|
||||
#endif
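Review bot: The new minimum-length check `if (sz < AESGCM_EXP_IV_SZ + ssl->specs.aead_mac_size)` in the AES-GCM case sits after the two `XMEMCPY` calls that build the nonce, and the second of those reads `AESGCM_EXP_IV_SZ` bytes from `input` before `sz` has been validated, so a record shorter than the explicit IV is still read past its end before the check fires unless the record layer already enforces a minimum, which this diff does not show. Moving the check above the nonce copy, or adding `if (sz < AESGCM_EXP_IV_SZ) ret = BUFFER_ERROR;` before the first `XMEMCPY`, closes that window. The ARIA case uses `ssl->decrypt.nonce` without a visible copy in this hunk; if its nonce setup sits above, the same ordering point applies there. Both `if (ret == 0)` guards rely on `ret` being 0 on entry to the switch, which is declared outside this hunk; DecryptDo starts before it.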
|
||||
|
||||
|
||||
+299
-298
@@ -28,7 +28,8 @@
|
||||
*/
|
||||
|
||||
#ifdef WOLFSSL_SYS_CA_CERTS
|
||||
/* Will be turned off automatically when NO_FILESYSTEM is defined */
|
||||
/* Will be turned off automatically when NO_FILESYSTEM is defined
|
||||
* for non Mac/Windows systems */
|
||||
|
||||
#ifdef _WIN32
|
||||
#define _WINSOCKAPI_ /* block inclusion of winsock.h header file */
|
||||
@@ -3041,303 +3042,6 @@ int wolfSSL_CTX_load_verify_locations_compat(WOLFSSL_CTX* ctx, const char* file,
|
||||
return WS_RETURN_CODE(ret, 0);
|
||||
}
|
||||
|
||||
#ifdef WOLFSSL_SYS_CA_CERTS
|
||||
|
||||
#ifdef USE_WINDOWS_API
|
||||
|
||||
/* Load CA certificate from Windows store.
|
||||
*
|
||||
* Assumes loaded is 0.
|
||||
*
|
||||
* @param [in, out] ctx SSL context object.
|
||||
* @param [out] loaded Whether CA certificates were loaded.
|
||||
* @return 1 on success.
|
||||
* @return 0 on failure.
|
||||
*/
|
||||
static int LoadSystemCaCertsWindows(WOLFSSL_CTX* ctx, byte* loaded)
|
||||
{
|
||||
int ret = 1;
|
||||
word32 i;
|
||||
HANDLE handle = NULL;
|
||||
PCCERT_CONTEXT certCtx = NULL;
|
||||
LPCSTR storeNames[2] = {"ROOT", "CA"};
|
||||
HCRYPTPROV_LEGACY hProv = (HCRYPTPROV_LEGACY)NULL;
|
||||
|
||||
if ((ctx == NULL) || (loaded == NULL)) {
|
||||
ret = 0;
|
||||
}
|
||||
|
||||
for (i = 0; (ret == 1) && (i < sizeof(storeNames)/sizeof(*storeNames));
|
||||
++i) {
|
||||
handle = CertOpenSystemStoreA(hProv, storeNames[i]);
|
||||
if (handle != NULL) {
|
||||
while ((certCtx = CertEnumCertificatesInStore(handle, certCtx))
|
||||
!= NULL) {
|
||||
if (certCtx->dwCertEncodingType == X509_ASN_ENCODING) {
|
||||
if (ProcessBuffer(ctx, certCtx->pbCertEncoded,
|
||||
certCtx->cbCertEncoded, WOLFSSL_FILETYPE_ASN1,
|
||||
CA_TYPE, NULL, NULL, 0,
|
||||
GET_VERIFY_SETTING_CTX(ctx),
|
||||
storeNames[i]) == 1) {
|
||||
/*
|
||||
* Set "loaded" as long as we've loaded one CA
|
||||
* cert.
|
||||
*/
|
||||
*loaded = 1;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
else {
|
||||
WOLFSSL_MSG_EX("Failed to open cert store %s.", storeNames[i]);
|
||||
}
|
||||
|
||||
if (handle != NULL && !CertCloseStore(handle, 0)) {
|
||||
WOLFSSL_MSG_EX("Failed to close cert store %s.", storeNames[i]);
|
||||
ret = 0;
|
||||
}
|
||||
}
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
#elif defined(__APPLE__)
|
||||
|
||||
#if defined(HAVE_SECURITY_SECTRUSTSETTINGS_H) \
|
||||
&& !defined(WOLFSSL_APPLE_NATIVE_CERT_VALIDATION)
|
||||
/* Manually obtains certificates from the system trust store and loads them
|
||||
* directly into wolfSSL "the old way".
|
||||
*
|
||||
* As of MacOS 14.0 we are still able to use this method to access system
|
||||
* certificates. Accessibility of this API is indicated by the presence of the
|
||||
* Security/SecTrustSettings.h header. In the likely event that Apple removes
|
||||
* access to this API on Macs, this function should be removed and the
|
||||
* DoAppleNativeCertValidation() routine should be used for all devices.
|
||||
*
|
||||
* Assumes loaded is 0.
|
||||
*
|
||||
* @param [in, out] ctx SSL context object.
|
||||
* @param [out] loaded Whether CA certificates were loaded.
|
||||
* @return 1 on success.
|
||||
* @return 0 on failure.
|
||||
*/
|
||||
static int LoadSystemCaCertsMac(WOLFSSL_CTX* ctx, byte* loaded)
|
||||
{
|
||||
int ret = 1;
|
||||
word32 i;
|
||||
const unsigned int trustDomains[] = {
|
||||
kSecTrustSettingsDomainUser,
|
||||
kSecTrustSettingsDomainAdmin,
|
||||
kSecTrustSettingsDomainSystem
|
||||
};
|
||||
CFArrayRef certs;
|
||||
OSStatus stat;
|
||||
CFIndex numCerts;
|
||||
CFDataRef der;
|
||||
CFIndex j;
|
||||
|
||||
if ((ctx == NULL) || (loaded == NULL)) {
|
||||
ret = 0;
|
||||
}
|
||||
|
||||
for (i = 0; (ret == 1) && (i < sizeof(trustDomains)/sizeof(*trustDomains));
|
||||
++i) {
|
||||
stat = SecTrustSettingsCopyCertificates(
|
||||
(SecTrustSettingsDomain)trustDomains[i], &certs);
|
||||
if (stat == errSecSuccess) {
|
||||
numCerts = CFArrayGetCount(certs);
|
||||
for (j = 0; j < numCerts; ++j) {
|
||||
der = SecCertificateCopyData((SecCertificateRef)
|
||||
CFArrayGetValueAtIndex(certs, j));
|
||||
if (der != NULL) {
|
||||
if (ProcessBuffer(ctx, CFDataGetBytePtr(der),
|
||||
CFDataGetLength(der), WOLFSSL_FILETYPE_ASN1,
|
||||
CA_TYPE, NULL, NULL, 0,
|
||||
GET_VERIFY_SETTING_CTX(ctx),
|
||||
"MacOSX trustDomains") == 1) {
|
||||
/*
|
||||
* Set "loaded" as long as we've loaded one CA
|
||||
* cert.
|
||||
*/
|
||||
*loaded = 1;
|
||||
}
|
||||
|
||||
CFRelease(der);
|
||||
}
|
||||
}
|
||||
|
||||
CFRelease(certs);
|
||||
}
|
||||
else if (stat == errSecNoTrustSettings) {
|
||||
WOLFSSL_MSG_EX("No trust settings for domain %d, moving to next "
|
||||
"domain.", trustDomains[i]);
|
||||
}
|
||||
else {
|
||||
WOLFSSL_MSG_EX("SecTrustSettingsCopyCertificates failed with"
|
||||
" status %d.", stat);
|
||||
ret = 0;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
return ret;
|
||||
}
|
||||
#endif /* defined(HAVE_SECURITY_SECTRUSTSETTINGS_H) */
|
||||
|
||||
#else
|
||||
|
||||
/* Potential system CA certs directories on Linux/Unix distros. */
|
||||
static const char* systemCaDirs[] = {
|
||||
#if defined(__ANDROID__) || defined(ANDROID)
|
||||
"/system/etc/security/cacerts" /* Android */
|
||||
#else
|
||||
"/etc/ssl/certs", /* Debian, Ubuntu, Gentoo, others */
|
||||
"/etc/pki/ca-trust/source/anchors", /* Fedora, RHEL */
|
||||
"/etc/pki/tls/certs" /* Older RHEL */
|
||||
#endif
|
||||
};
|
||||
|
||||
/* Get CA directory list.
|
||||
*
|
||||
* @param [out] num Number of CA directories.
|
||||
* @return CA directory list.
|
||||
* @return NULL when num is NULL.
|
||||
*/
|
||||
const char** wolfSSL_get_system_CA_dirs(word32* num)
|
||||
{
|
||||
const char** ret;
|
||||
|
||||
/* Validate parameters. */
|
||||
if (num == NULL) {
|
||||
ret = NULL;
|
||||
}
|
||||
else {
|
||||
ret = systemCaDirs;
|
||||
*num = sizeof(systemCaDirs)/sizeof(*systemCaDirs);
|
||||
}
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
/* Load CA certificate from default system directories.
|
||||
*
|
||||
* Assumes loaded is 0.
|
||||
*
|
||||
* @param [in, out] ctx SSL context object.
|
||||
* @param [out] loaded Whether CA certificates were loaded.
|
||||
* @return 1 on success.
|
||||
* @return 0 on failure.
|
||||
*/
|
||||
static int LoadSystemCaCertsNix(WOLFSSL_CTX* ctx, byte* loaded) {
|
||||
int ret = 1;
|
||||
word32 i;
|
||||
|
||||
if ((ctx == NULL) || (loaded == NULL)) {
|
||||
ret = 0;
|
||||
}
|
||||
|
||||
for (i = 0; (ret == 1) && (i < sizeof(systemCaDirs)/sizeof(*systemCaDirs));
|
||||
++i) {
|
||||
WOLFSSL_MSG_EX("Attempting to load system CA certs from %s.",
|
||||
systemCaDirs[i]);
|
||||
/*
|
||||
* We want to keep trying to load more CA certs even if one cert in
|
||||
* the directory is bad and can't be used (e.g. if one is expired),
|
||||
* so we use WOLFSSL_LOAD_FLAG_IGNORE_ERR.
|
||||
*/
|
||||
if (wolfSSL_CTX_load_verify_locations_ex(ctx, NULL, systemCaDirs[i],
|
||||
WOLFSSL_LOAD_FLAG_IGNORE_ERR) != 1) {
|
||||
WOLFSSL_MSG_EX("Failed to load CA certs from %s, trying "
|
||||
"next possible location.", systemCaDirs[i]);
|
||||
}
|
||||
else {
|
||||
WOLFSSL_MSG_EX("Loaded CA certs from %s.",
|
||||
systemCaDirs[i]);
|
||||
*loaded = 1;
|
||||
/* Stop searching after we've loaded one directory. */
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
/* Load CA certificates from system defined locations.
|
||||
*
|
||||
* @param [in, out] ctx SSL context object.
|
||||
* @return 1 on success.
|
||||
* @return 0 on failure.
|
||||
* @return WOLFSSL_BAD_PATH when no error but no certificates loaded.
|
||||
*/
|
||||
int wolfSSL_CTX_load_system_CA_certs(WOLFSSL_CTX* ctx)
|
||||
{
|
||||
int ret;
|
||||
byte loaded = 0;
|
||||
|
||||
WOLFSSL_ENTER("wolfSSL_CTX_load_system_CA_certs");
|
||||
|
||||
#ifdef USE_WINDOWS_API
|
||||
|
||||
ret = LoadSystemCaCertsWindows(ctx, &loaded);
|
||||
|
||||
#elif defined(__APPLE__)
|
||||
|
||||
#if defined(HAVE_SECURITY_SECTRUSTSETTINGS_H) \
|
||||
&& !defined(WOLFSSL_APPLE_NATIVE_CERT_VALIDATION)
|
||||
/* As of MacOS 14.0 we are still able to access system certificates and
|
||||
* load them manually into wolfSSL "the old way". Accessibility of this API
|
||||
* is indicated by the presence of the Security/SecTrustSettings.h header */
|
||||
ret = LoadSystemCaCertsMac(ctx, &loaded);
|
||||
#elif defined(WOLFSSL_APPLE_NATIVE_CERT_VALIDATION)
|
||||
/* For other Apple devices, Apple has removed the ability to obtain
|
||||
* certificates from the trust store, so we can't use wolfSSL's built-in
|
||||
* certificate validation mechanisms anymore. We instead must call into the
|
||||
* Security Framework APIs to authenticate peer certificates when received.
|
||||
* (see src/internal.c:DoAppleNativeCertValidation()).
|
||||
* Thus, there is no CA "loading" required, but to keep behavior consistent
|
||||
* with the current API (not using system CA certs unless this function has
|
||||
* been called), we simply set a flag indicating that the new apple trust
|
||||
* verification routine should be used later */
|
||||
ctx->doAppleNativeCertValidationFlag = 1;
|
||||
ret = 1;
|
||||
loaded = 1;
|
||||
|
||||
#if FIPS_VERSION_GE(2,0) /* Gate back to cert 3389 FIPS modules */
|
||||
#warning "Cryptographic operations may occur outside the FIPS module boundary" \
|
||||
"Please review FIPS claims for cryptography on this Apple device"
|
||||
#endif /* FIPS_VERSION_GE(2,0) */
|
||||
|
||||
#else
|
||||
/* HAVE_SECURITY_SECXXX_H macros are set by autotools or CMake when searching
|
||||
* system for the required SDK headers. If building with user_settings.h, you
|
||||
* will need to manually define WOLFSSL_APPLE_NATIVE_CERT_VALIDATION
|
||||
* and ensure the appropriate Security.framework headers and libraries are
|
||||
* visible to your compiler */
|
||||
#error "WOLFSSL_SYS_CA_CERTS on Apple devices requires Security.framework" \
|
||||
" header files to be detected, or a manual override with" \
|
||||
" WOLFSSL_APPLE_NATIVE_CERT_VALIDATION"
|
||||
#endif
|
||||
|
||||
#else
|
||||
|
||||
ret = LoadSystemCaCertsNix(ctx, &loaded);
|
||||
|
||||
#endif
|
||||
|
||||
/* If we didn't fail but didn't load then we error out. */
|
||||
if ((ret == 1) && (!loaded)) {
|
||||
ret = WOLFSSL_BAD_PATH;
|
||||
}
|
||||
|
||||
WOLFSSL_LEAVE("wolfSSL_CTX_load_system_CA_certs", ret);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
#endif /* WOLFSSL_SYS_CA_CERTS */
|
||||
|
||||
#ifdef WOLFSSL_TRUST_PEER_CERT
|
||||
/* Load a trusted peer certificate into SSL context.
|
||||
*
|
||||
@@ -3563,6 +3267,303 @@ int wolfSSL_CTX_use_certificate_chain_file_format(WOLFSSL_CTX* ctx,
|
||||
|
||||
#endif /* NO_FILESYSTEM */
|
||||
|
||||
#ifdef WOLFSSL_SYS_CA_CERTS
|
||||
|
||||
#ifdef USE_WINDOWS_API
|
||||
|
||||
/* Load CA certificate from Windows store.
|
||||
*
|
||||
* Assumes loaded is 0.
|
||||
*
|
||||
* @param [in, out] ctx SSL context object.
|
||||
* @param [out] loaded Whether CA certificates were loaded.
|
||||
* @return 1 on success.
|
||||
* @return 0 on failure.
|
||||
*/
|
||||
static int LoadSystemCaCertsWindows(WOLFSSL_CTX* ctx, byte* loaded)
|
||||
{
|
||||
int ret = 1;
|
||||
word32 i;
|
||||
HANDLE handle = NULL;
|
||||
PCCERT_CONTEXT certCtx = NULL;
|
||||
LPCSTR storeNames[2] = {"ROOT", "CA"};
|
||||
HCRYPTPROV_LEGACY hProv = (HCRYPTPROV_LEGACY)NULL;
|
||||
|
||||
if ((ctx == NULL) || (loaded == NULL)) {
|
||||
ret = 0;
|
||||
}
|
||||
|
||||
for (i = 0; (ret == 1) && (i < sizeof(storeNames)/sizeof(*storeNames));
|
||||
++i) {
|
||||
handle = CertOpenSystemStoreA(hProv, storeNames[i]);
|
||||
if (handle != NULL) {
|
||||
while ((certCtx = CertEnumCertificatesInStore(handle, certCtx))
|
||||
!= NULL) {
|
||||
if (certCtx->dwCertEncodingType == X509_ASN_ENCODING) {
|
||||
if (ProcessBuffer(ctx, certCtx->pbCertEncoded,
|
||||
certCtx->cbCertEncoded, WOLFSSL_FILETYPE_ASN1,
|
||||
CA_TYPE, NULL, NULL, 0,
|
||||
GET_VERIFY_SETTING_CTX(ctx),
|
||||
storeNames[i]) == 1) {
|
||||
/*
|
||||
* Set "loaded" as long as we've loaded one CA
|
||||
* cert.
|
||||
*/
|
||||
*loaded = 1;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
else {
|
||||
WOLFSSL_MSG_EX("Failed to open cert store %s.", storeNames[i]);
|
||||
}
|
||||
|
||||
if (handle != NULL && !CertCloseStore(handle, 0)) {
|
||||
WOLFSSL_MSG_EX("Failed to close cert store %s.", storeNames[i]);
|
||||
ret = 0;
|
||||
}
|
||||
}
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
#elif defined(__APPLE__)
|
||||
|
||||
#if defined(HAVE_SECURITY_SECTRUSTSETTINGS_H) \
|
||||
&& !defined(WOLFSSL_APPLE_NATIVE_CERT_VALIDATION)
|
||||
/* Manually obtains certificates from the system trust store and loads them
|
||||
* directly into wolfSSL "the old way".
|
||||
*
|
||||
* As of MacOS 14.0 we are still able to use this method to access system
|
||||
* certificates. Accessibility of this API is indicated by the presence of the
|
||||
* Security/SecTrustSettings.h header. In the likely event that Apple removes
|
||||
* access to this API on Macs, this function should be removed and the
|
||||
* DoAppleNativeCertValidation() routine should be used for all devices.
|
||||
*
|
||||
* Assumes loaded is 0.
|
||||
*
|
||||
* @param [in, out] ctx SSL context object.
|
||||
* @param [out] loaded Whether CA certificates were loaded.
|
||||
* @return 1 on success.
|
||||
* @return 0 on failure.
|
||||
*/
|
||||
static int LoadSystemCaCertsMac(WOLFSSL_CTX* ctx, byte* loaded)
|
||||
{
|
||||
int ret = 1;
|
||||
word32 i;
|
||||
const unsigned int trustDomains[] = {
|
||||
kSecTrustSettingsDomainUser,
|
||||
kSecTrustSettingsDomainAdmin,
|
||||
kSecTrustSettingsDomainSystem
|
||||
};
|
||||
CFArrayRef certs;
|
||||
OSStatus stat;
|
||||
CFIndex numCerts;
|
||||
CFDataRef der;
|
||||
CFIndex j;
|
||||
|
||||
if ((ctx == NULL) || (loaded == NULL)) {
|
||||
ret = 0;
|
||||
}
|
||||
|
||||
for (i = 0; (ret == 1) && (i < sizeof(trustDomains)/sizeof(*trustDomains));
|
||||
++i) {
|
||||
stat = SecTrustSettingsCopyCertificates(
|
||||
(SecTrustSettingsDomain)trustDomains[i], &certs);
|
||||
if (stat == errSecSuccess) {
|
||||
numCerts = CFArrayGetCount(certs);
|
||||
for (j = 0; j < numCerts; ++j) {
|
||||
der = SecCertificateCopyData((SecCertificateRef)
|
||||
CFArrayGetValueAtIndex(certs, j));
|
||||
if (der != NULL) {
|
||||
if (ProcessBuffer(ctx, CFDataGetBytePtr(der),
|
||||
CFDataGetLength(der), WOLFSSL_FILETYPE_ASN1,
|
||||
CA_TYPE, NULL, NULL, 0,
|
||||
GET_VERIFY_SETTING_CTX(ctx),
|
||||
"MacOSX trustDomains") == 1) {
|
||||
/*
|
||||
* Set "loaded" as long as we've loaded one CA
|
||||
* cert.
|
||||
*/
|
||||
*loaded = 1;
|
||||
}
|
||||
|
||||
CFRelease(der);
|
||||
}
|
||||
}
|
||||
|
||||
CFRelease(certs);
|
||||
}
|
||||
else if (stat == errSecNoTrustSettings) {
|
||||
WOLFSSL_MSG_EX("No trust settings for domain %d, moving to next "
|
||||
"domain.", trustDomains[i]);
|
||||
}
|
||||
else {
|
||||
WOLFSSL_MSG_EX("SecTrustSettingsCopyCertificates failed with"
|
||||
" status %d.", stat);
|
||||
ret = 0;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
return ret;
|
||||
}
|
||||
#endif /* defined(HAVE_SECURITY_SECTRUSTSETTINGS_H) */
|
||||
|
||||
#elif !defined(NO_FILESYSTEM)
|
||||
|
||||
/* Potential system CA certs directories on Linux/Unix distros. */
|
||||
static const char* systemCaDirs[] = {
|
||||
#if defined(__ANDROID__) || defined(ANDROID)
|
||||
"/system/etc/security/cacerts" /* Android */
|
||||
#else
|
||||
"/etc/ssl/certs", /* Debian, Ubuntu, Gentoo, others */
|
||||
"/etc/pki/ca-trust/source/anchors", /* Fedora, RHEL */
|
||||
"/etc/pki/tls/certs" /* Older RHEL */
|
||||
#endif
|
||||
};
|
||||
|
||||
/* Get CA directory list.
|
||||
*
|
||||
* @param [out] num Number of CA directories.
|
||||
* @return CA directory list.
|
||||
* @return NULL when num is NULL.
|
||||
*/
|
||||
const char** wolfSSL_get_system_CA_dirs(word32* num)
|
||||
{
|
||||
const char** ret;
|
||||
|
||||
/* Validate parameters. */
|
||||
if (num == NULL) {
|
||||
ret = NULL;
|
||||
}
|
||||
else {
|
||||
ret = systemCaDirs;
|
||||
*num = sizeof(systemCaDirs)/sizeof(*systemCaDirs);
|
||||
}
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
/* Load CA certificate from default system directories.
|
||||
*
|
||||
* Assumes loaded is 0.
|
||||
*
|
||||
* @param [in, out] ctx SSL context object.
|
||||
* @param [out] loaded Whether CA certificates were loaded.
|
||||
* @return 1 on success.
|
||||
* @return 0 on failure.
|
||||
*/
|
||||
static int LoadSystemCaCertsNix(WOLFSSL_CTX* ctx, byte* loaded) {
|
||||
int ret = 1;
|
||||
word32 i;
|
||||
|
||||
if ((ctx == NULL) || (loaded == NULL)) {
|
||||
ret = 0;
|
||||
}
|
||||
|
||||
for (i = 0; (ret == 1) && (i < sizeof(systemCaDirs)/sizeof(*systemCaDirs));
|
||||
++i) {
|
||||
WOLFSSL_MSG_EX("Attempting to load system CA certs from %s.",
|
||||
systemCaDirs[i]);
|
||||
/*
|
||||
* We want to keep trying to load more CA certs even if one cert in
|
||||
* the directory is bad and can't be used (e.g. if one is expired),
|
||||
* so we use WOLFSSL_LOAD_FLAG_IGNORE_ERR.
|
||||
*/
|
||||
if (wolfSSL_CTX_load_verify_locations_ex(ctx, NULL, systemCaDirs[i],
|
||||
WOLFSSL_LOAD_FLAG_IGNORE_ERR) != 1) {
|
||||
WOLFSSL_MSG_EX("Failed to load CA certs from %s, trying "
|
||||
"next possible location.", systemCaDirs[i]);
|
||||
}
|
||||
else {
|
||||
WOLFSSL_MSG_EX("Loaded CA certs from %s.",
|
||||
systemCaDirs[i]);
|
||||
*loaded = 1;
|
||||
/* Stop searching after we've loaded one directory. */
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
/* Load CA certificates from system defined locations.
|
||||
*
|
||||
* @param [in, out] ctx SSL context object.
|
||||
* @return 1 on success.
|
||||
* @return 0 on failure.
|
||||
* @return WOLFSSL_BAD_PATH when no error but no certificates loaded.
|
||||
*/
|
||||
int wolfSSL_CTX_load_system_CA_certs(WOLFSSL_CTX* ctx)
|
||||
{
|
||||
int ret;
|
||||
byte loaded = 0;
|
||||
|
||||
WOLFSSL_ENTER("wolfSSL_CTX_load_system_CA_certs");
|
||||
|
||||
#ifdef USE_WINDOWS_API
|
||||
|
||||
ret = LoadSystemCaCertsWindows(ctx, &loaded);
|
||||
|
||||
#elif defined(__APPLE__)
|
||||
|
||||
#if defined(HAVE_SECURITY_SECTRUSTSETTINGS_H) \
|
||||
&& !defined(WOLFSSL_APPLE_NATIVE_CERT_VALIDATION)
|
||||
/* As of MacOS 14.0 we are still able to access system certificates and
|
||||
* load them manually into wolfSSL "the old way". Accessibility of this API
|
||||
* is indicated by the presence of the Security/SecTrustSettings.h header */
|
||||
ret = LoadSystemCaCertsMac(ctx, &loaded);
|
||||
#elif defined(WOLFSSL_APPLE_NATIVE_CERT_VALIDATION)
|
||||
/* For other Apple devices, Apple has removed the ability to obtain
|
||||
* certificates from the trust store, so we can't use wolfSSL's built-in
|
||||
* certificate validation mechanisms anymore. We instead must call into the
|
||||
* Security Framework APIs to authenticate peer certificates when received.
|
||||
* (see src/internal.c:DoAppleNativeCertValidation()).
|
||||
* Thus, there is no CA "loading" required, but to keep behavior consistent
|
||||
* with the current API (not using system CA certs unless this function has
|
||||
* been called), we simply set a flag indicating that the new apple trust
|
||||
* verification routine should be used later */
|
||||
ctx->doAppleNativeCertValidationFlag = 1;
|
||||
ret = 1;
|
||||
loaded = 1;
|
||||
|
||||
#if FIPS_VERSION_GE(2,0) /* Gate back to cert 3389 FIPS modules */
|
||||
#warning "Cryptographic operations may occur outside the FIPS module boundary" \
|
||||
"Please review FIPS claims for cryptography on this Apple device"
|
||||
#endif /* FIPS_VERSION_GE(2,0) */
|
||||
|
||||
#else
|
||||
/* HAVE_SECURITY_SECXXX_H macros are set by autotools or CMake when searching
|
||||
* system for the required SDK headers. If building with user_settings.h, you
|
||||
* will need to manually define WOLFSSL_APPLE_NATIVE_CERT_VALIDATION
|
||||
* and ensure the appropriate Security.framework headers and libraries are
|
||||
* visible to your compiler */
|
||||
#error "WOLFSSL_SYS_CA_CERTS on Apple devices requires Security.framework" \
|
||||
" header files to be detected, or a manual override with" \
|
||||
" WOLFSSL_APPLE_NATIVE_CERT_VALIDATION"
|
||||
#endif
|
||||
|
||||
#else
|
||||
|
||||
ret = LoadSystemCaCertsNix(ctx, &loaded);
|
||||
|
||||
#endif
|
||||
|
||||
/* If we didn't fail but didn't load then we error out. */
|
||||
if ((ret == 1) && (!loaded)) {
|
||||
ret = WOLFSSL_BAD_PATH;
|
||||
}
|
||||
|
||||
WOLFSSL_LEAVE("wolfSSL_CTX_load_system_CA_certs", ret);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
#endif /* WOLFSSL_SYS_CA_CERTS */
|
||||
|
||||
#ifdef OPENSSL_EXTRA
|
||||
|
||||
/* Load a private key into SSL.
|
||||
|
||||
@@ -9979,6 +9979,20 @@ int TLSX_KeyShare_Parse_ClientHello(const WOLFSSL* ssl,
|
||||
offset += ret;
|
||||
}
|
||||
|
||||
if (ssl->hrr_keyshare_group != 0) {
|
||||
/*
|
||||
* https://datatracker.ietf.org/doc/html/rfc8446#section-4.2.8
|
||||
* when sending the new ClientHello, the client MUST
|
||||
* replace the original "key_share" extension with one containing only a
|
||||
* new KeyShareEntry for the group indicated in the selected_group field
|
||||
* of the triggering HelloRetryRequest
|
||||
*/
|
||||
if (seenGroupsCnt != 1 || seenGroups[0] != ssl->hrr_keyshare_group) {
|
||||
WOLFSSL_ERROR_VERBOSE(BAD_KEY_SHARE_DATA);
|
||||
return BAD_KEY_SHARE_DATA;
|
||||
}
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
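Review bot: The check `if (seenGroupsCnt != 1 || seenGroups[0] != ssl->hrr_keyshare_group)` is gated on `ssl->hrr_keyshare_group != 0`, which uses 0 as "no HelloRetryRequest was sent"; that is sound only because NamedGroup 0 is unassigned, and nothing in the hunk says so, so I would add `/* 0 means no HRR was sent; 0 is not an assigned NamedGroup, so it cannot collide with a selected group. */` above the outer if. The RFC comment quotes only the "replace" sentence, while the condition also rejects a second ClientHello that omits key_share entirely (seenGroupsCnt == 0) or carries extra entries, which is worth stating since those are the cases the check exists for. seenGroups and seenGroupsCnt are presumably filled by the parse loop above the hunk, and whether BAD_KEY_SHARE_DATA is surfaced as the illegal_parameter alert RFC 8446 §4.1.4 calls for is decided outside this hunk. TLSX_KeyShare_Parse_ClientHello starts before the hunk.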
|
||||
|
||||
|
||||
@@ -7475,6 +7475,15 @@ int SendTls13ServerHello(WOLFSSL* ssl, byte extMsgType)
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
|
||||
if (extMsgType == hello_retry_request) {
|
||||
TLSX* ksExt = TLSX_Find(ssl->extensions, TLSX_KEY_SHARE);
|
||||
if (ksExt != NULL) {
|
||||
KeyShareEntry* kse = (KeyShareEntry*)ksExt->data;
|
||||
if (kse != NULL)
|
||||
ssl->hrr_keyshare_group = kse->group;
|
||||
}
|
||||
}
|
||||
|
||||
#ifdef WOLFSSL_SEND_HRR_COOKIE
|
||||
if (ssl->options.sendCookie && extMsgType == hello_retry_request) {
|
||||
/* Reset the hashes from here. We will be able to restart the hashes
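Review bot: The block that records `ssl->hrr_keyshare_group = kse->group;` has no comment tying it to the check it enables in TLSX_KeyShare_Parse_ClientHello, and its two fall-through cases (no key_share extension found, or a NULL entry) silently leave the field at 0 so the second ClientHello's key_share is unconstrained. That is the right outcome for an HRR sent only for a cookie, since the client then keeps its original shares, but it should be written down: `/* Remember the group requested in the HRR so the 2nd ClientHello's key_share can be checked; left at 0 (unconstrained) when the HRR carries no key_share. */`. I am taking from the cast that ksExt->data holds the single selected entry for an HRR; if it can hold a list, the first entry is the selection only by construction elsewhere. SendTls13ServerHello starts before the hunk and continues after it.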
|
||||
|
||||
+18
-1
@@ -268,7 +268,7 @@
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_DUMP_MEMIO_STREAM
|
||||
const char* currentTestName;
|
||||
const char* currentTestName = NULL;
|
||||
char tmpDirName[16];
|
||||
int tmpDirNameSet = 0;
|
||||
#endif
|
||||
@@ -35747,6 +35747,23 @@ static int test_CryptoCb_Func(int thisDevId, wc_CryptoInfo* info, void* ctx)
|
||||
ret = 0;
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
default:
|
||||
ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN);
|
||||
break;
|
||||
}
|
||||
}
|
||||
else if (info->free.algo == WC_ALGO_TYPE_CIPHER) {
|
||||
switch (info->free.type) {
|
||||
#ifndef NO_AES
|
||||
case WC_CIPHER_AES:
|
||||
{
|
||||
Aes* aes = (Aes*)info->free.obj;
|
||||
aes->devId = INVALID_DEVID;
|
||||
wc_AesFree(aes);
|
||||
ret = 0;
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
default:
|
||||
ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN);
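Review bot: The AES free callback re-enters `wc_AesFree(aes);` after `aes->devId = INVALID_DEVID;`, and that only terminates because wc_AesFree in the aes.c hunk of this commit skips the callback for INVALID_DEVID under `#ifndef WOLF_CRYPTO_CB_FIND`. With WOLF_CRYPTO_CB_FIND defined that guard is compiled out, so the nested wc_AesFree calls wc_CryptoCb_Free again and the recursion ends only if wc_CryptoCb_Free itself rejects INVALID_DEVID, which I cannot see from here. A comment on the test, `/* devId reset to INVALID_DEVID so the nested wc_AesFree does not call back into us */`, plus a build of this test with WOLF_CRYPTO_CB_FIND in CI would pin that down. test_CryptoCb_Func starts before the hunk and continues after it.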
|
||||
|
||||
@@ -490,7 +490,7 @@ int test_wc_Ed25519PublicKeyToDer(void)
|
||||
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
|
||||
ExpectIntEQ(wc_ed25519_init(&key), 0);
|
||||
ExpectIntEQ(wc_Ed25519PublicKeyToDer(&key, derBuf, 0, 0),
|
||||
WC_NO_ERR_TRACE(BUFFER_E));
|
||||
WC_NO_ERR_TRACE(PUBLIC_KEY_E));
|
||||
wc_ed25519_free(&key);
|
||||
|
||||
/* Test good args */
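Review bot: Changing the expectation at `ExpectIntEQ(wc_Ed25519PublicKeyToDer(&key, derBuf, 0, 0), WC_NO_ERR_TRACE(PUBLIC_KEY_E));` removes the only call that exercised a zero-length output buffer, so the BUFFER_E path of wc_Ed25519PublicKeyToDer is no longer covered by this test. Keeping a second call with outLen 0 after a public key has been set, `ExpectIntEQ(wc_Ed25519PublicKeyToDer(&key, derBuf, 0, 0), WC_NO_ERR_TRACE(BUFFER_E));`, would keep that coverage. The new expectation also implies the pubKeySet check runs before the size check inside wc_Ed25519PublicKeyToDer, which is the opposite order from wc_ed25519_export_public in this commit (BUFFER_E first, then PUBLIC_KEY_E); that body is not visible here and the difference may be intentional, but it is worth a line in the test comment. The enclosing test function starts before the hunk and continues after it.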
|
||||
|
||||
@@ -4383,4 +4383,135 @@ int test_wc_PKCS7_DecodeCompressedData(void)
|
||||
return EXPECT_RESULT();
|
||||
}
|
||||
|
||||
/*
|
||||
* Test for PKCS#7 SignedData with non-OCTET_STRING content
|
||||
* (PKCS#7 style vs CMS)
|
||||
*
|
||||
* Tests parsing PKCS#7 SignedData where the encapsulated content
|
||||
* is a SEQUENCE (as allowed by original PKCS#7 spec "ANY DEFINED BY
|
||||
* contentType") rather than an OCTET STRING (as mandated by CMS). This showed
|
||||
* up in use case of Authenticode signatures.
|
||||
*/
|
||||
int test_wc_PKCS7_VerifySignedData_PKCS7ContentSeq(void)
|
||||
{
|
||||
EXPECT_DECLS;
|
||||
#if defined(HAVE_PKCS7)
|
||||
PKCS7* pkcs7 = NULL;
|
||||
#ifndef NO_PKCS7_STREAM
|
||||
word32 idx;
|
||||
int ret;
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Hand-crafted PKCS#7 SignedData (degenerate, no signers) with:
|
||||
* - Content type OID (1.3.6.1.4.1.311.2.1.4 = SPC_INDIRECT_DATA)
|
||||
* - Content is a SEQUENCE, NOT an OCTET STRING
|
||||
* - eContent is encoded as "ANY" type per original PKCS#7 spec.
|
||||
*
|
||||
* This test ensures wolfSSL's PKCS7 streaming code can correctly
|
||||
* parse SignedData types when the encapsulated content is not an OCTET
|
||||
* STRING (as CMS requires) but rather a SEQUENCE or other type
|
||||
* (as PKCS#7's "ANY" type allows). Microsoft Authenticode signatures
|
||||
* use this format with SPC_INDIRECT_DATA content.
|
||||
*
|
||||
* Structure:
|
||||
* ContentInfo SEQUENCE
|
||||
* contentType OID signedData
|
||||
* [0] SignedData SEQUENCE
|
||||
* version INTEGER 1
|
||||
* digestAlgorithms SET { sha256 }
|
||||
* encapContentInfo SEQUENCE
|
||||
* eContentType OID 1.3.6.1.4.1.311.2.1.4
|
||||
* [0] eContent
|
||||
* SEQUENCE { OID, OCTET STRING } - SEQUENCE not OCTET STRING
|
||||
* signerInfos SET {} (empty = degenerate)
|
||||
*/
|
||||
static const byte pkcs7Content[] = {
|
||||
/* ContentInfo SEQUENCE */
|
||||
0x30, 0x56,
|
||||
/* contentType OID: 1.2.840.113549.1.7.2 (signedData) */
|
||||
0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x02,
|
||||
/* [0] EXPLICIT - content */
|
||||
0xA0, 0x49,
|
||||
/* SignedData SEQUENCE */
|
||||
0x30, 0x47,
|
||||
/* version INTEGER 1 */
|
||||
0x02, 0x01, 0x01,
|
||||
/* digestAlgorithms SET */
|
||||
0x31, 0x0F,
|
||||
/* AlgorithmIdentifier SEQUENCE */
|
||||
0x30, 0x0D,
|
||||
/* OID sha256: 2.16.840.1.101.3.4.2.1 */
|
||||
0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
|
||||
0x04, 0x02, 0x01,
|
||||
/* NULL */
|
||||
0x05, 0x00,
|
||||
/* encapContentInfo SEQUENCE */
|
||||
0x30, 0x2F,
|
||||
/* eContentType OID: 1.3.6.1.4.1.311.2.1.4 (SPC_INDIRECT_DATA) */
|
||||
0x06, 0x0A, 0x2B, 0x06, 0x01, 0x04, 0x01, 0x82,
|
||||
0x37, 0x02, 0x01, 0x04,
|
||||
/* [0] EXPLICIT - eContent */
|
||||
0xA0, 0x21,
|
||||
/* Content SEQUENCE (0x30), not OCTET STRING (0x04)
|
||||
* Following PKCS#7 "ANY" type, not CMS OCTET STRING */
|
||||
0x30, 0x1F,
|
||||
/* Content: SEQUENCE { OID, OCTET STRING with 24 bytes } */
|
||||
0x06, 0x03, 0x55, 0x04, 0x03, /* OID 2.5.4.3 (5 bytes) */
|
||||
0x04, 0x18, /* OCTET STRING length 24 */
|
||||
0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, /* "This is " */
|
||||
0x74, 0x65, 0x73, 0x74, 0x20, 0x63, 0x6F, 0x6E, /* "test con" */
|
||||
0x74, 0x65, 0x6E, 0x74, 0x20, 0x64, 0x61, 0x74, /* "tent dat" */
|
||||
/* signerInfos SET - empty for degenerate */
|
||||
0x31, 0x00
|
||||
};
|
||||
|
||||
/* Test non-streaming verification */
|
||||
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
|
||||
ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
|
||||
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
|
||||
ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, (byte*)pkcs7Content,
|
||||
(word32)sizeof(pkcs7Content)), 0);
|
||||
|
||||
/* Verify content was parsed correctly */
|
||||
if (pkcs7 != NULL) {
|
||||
/* contentIsPkcs7Type should be set */
|
||||
ExpectIntEQ(pkcs7->contentIsPkcs7Type, 1);
|
||||
/* Content should have been parsed (33 bytes) */
|
||||
ExpectIntEQ(pkcs7->contentSz, 33);
|
||||
ExpectNotNull(pkcs7->content);
|
||||
}
|
||||
wc_PKCS7_Free(pkcs7);
|
||||
pkcs7 = NULL;
|
||||
|
||||
#ifndef NO_PKCS7_STREAM
|
||||
/* Test streaming verification - feed data byte by byte */
|
||||
ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
|
||||
ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
|
||||
ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
|
||||
|
||||
/* Feed data byte by byte to exercise streaming path */
|
||||
ret = WC_NO_ERR_TRACE(WC_PKCS7_WANT_READ_E);
|
||||
for (idx = 0; idx < (word32)sizeof(pkcs7Content) && ret != 0; idx++) {
|
||||
ret = wc_PKCS7_VerifySignedData(pkcs7,
|
||||
(byte*)pkcs7Content + idx, 1);
|
||||
if (ret < 0 && ret != WC_NO_ERR_TRACE(WC_PKCS7_WANT_READ_E)) {
|
||||
/* Unexpected error */
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
/* Expecting ret = 0, not ASN_PARSE_E or other negative error */
|
||||
ExpectIntEQ(ret, 0);
|
||||
|
||||
if (pkcs7 != NULL) {
|
||||
ExpectIntEQ(pkcs7->contentIsPkcs7Type, 1);
|
||||
ExpectIntEQ(pkcs7->contentSz, 33);
|
||||
ExpectNotNull(pkcs7->content);
|
||||
}
|
||||
wc_PKCS7_Free(pkcs7);
|
||||
#endif /* !NO_PKCS7_STREAM */
|
||||
#endif /* HAVE_PKCS7 */
|
||||
return EXPECT_RESULT();
|
||||
}
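Review bot: The assertions `ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, (byte*)pkcs7Content, (word32)sizeof(pkcs7Content)), 0);` are made on a degenerate SignedData whose signerInfos SET is empty, so a return of 0 here means only that the structure was decoded and no signature was checked; that should be said next to the expectation, e.g. `/* Degenerate message: 0 means parsed, nothing was authenticated. */`, otherwise a reader can take the test as evidence that SEQUENCE-typed eContent is signature-verified. The setup pairs `wc_PKCS7_New(HEAP_HINT, testDevId)` with `wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID)`, two different device ids for the same object, which looks carried over from another test and should use one or the other. The byte-by-byte loop is closed by `ExpectIntEQ(ret, 0)`, which also catches the parser still wanting data after the last byte, so the streaming half is sound; the encoded lengths in pkcs7Content add up (0x56 = 11 + 2 + 0x49, 0x47 = 3 + 17 + 49 + 2, 0x21 = 2 + 0x1F).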
|
||||
|
||||
|
||||
@@ -48,6 +48,7 @@ int test_wc_PKCS7_SetOriEncryptCtx(void);
|
||||
int test_wc_PKCS7_SetOriDecryptCtx(void);
|
||||
int test_wc_PKCS7_DecodeCompressedData(void);
|
||||
int test_wc_PKCS7_DecodeEnvelopedData_multiple_recipients(void);
|
||||
int test_wc_PKCS7_VerifySignedData_PKCS7ContentSeq(void);
|
||||
|
||||
|
||||
#define TEST_PKCS7_DECLS \
|
||||
@@ -63,7 +64,8 @@ int test_wc_PKCS7_DecodeEnvelopedData_multiple_recipients(void);
|
||||
TEST_DECL_GROUP("pkcs7_sd", test_wc_PKCS7_VerifySignedData_ECC), \
|
||||
TEST_DECL_GROUP("pkcs7_sd", test_wc_PKCS7_Degenerate), \
|
||||
TEST_DECL_GROUP("pkcs7_sd", test_wc_PKCS7_BER), \
|
||||
TEST_DECL_GROUP("pkcs7_sd", test_wc_PKCS7_NoDefaultSignedAttribs)
|
||||
TEST_DECL_GROUP("pkcs7_sd", test_wc_PKCS7_NoDefaultSignedAttribs), \
|
||||
TEST_DECL_GROUP("pkcs7_sd", test_wc_PKCS7_VerifySignedData_PKCS7ContentSeq)
|
||||
|
||||
#define TEST_PKCS7_ENCRYPTED_DATA_DECLS \
|
||||
TEST_DECL_GROUP("pkcs7_ed", test_wc_PKCS7_DecodeEnvelopedData_stream), \
|
||||
|
||||
+300
-1
@@ -2339,7 +2339,6 @@ static int MERecv(WOLFSSL* ssl, char* buf, int sz, void* ctx)
|
||||
int len = (int)msg->length;
|
||||
|
||||
(void)ssl;
|
||||
(void)sz;
|
||||
|
||||
/* Pass back as much of message as will fit in buffer. */
|
||||
if (len > sz)
|
||||
@@ -2572,3 +2571,303 @@ int test_tls13_duplicate_extension(void)
|
||||
}
|
||||
|
||||
|
||||
int test_key_share_mismatch(void)
|
||||
{
|
||||
EXPECT_DECLS;
|
||||
#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_TLS13) && \
|
||||
defined(HAVE_SUPPORTED_CURVES) && defined(HAVE_ECC) && \
|
||||
defined(BUILD_TLS_AES_128_GCM_SHA256)
|
||||
/* Taken from payload in https://github.com/wolfSSL/wolfssl/issues/9362 */
|
||||
const byte ch1_bin[] = {
|
||||
0x16, 0x03, 0x03, 0x00, 0x96, 0x01, 0x00, 0x00, 0x92, 0x03, 0x03, 0x01,
|
||||
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
|
||||
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
|
||||
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x20, 0x03, 0x03, 0x03, 0x03,
|
||||
0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03,
|
||||
0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03,
|
||||
0x03, 0x03, 0x03, 0x03, 0x00, 0x02, 0x13, 0x01, 0x01, 0x00, 0x00, 0x47,
|
||||
0x00, 0x0a, 0x00, 0x08, 0x00, 0x06, 0x00, 0x18, 0x00, 0x17, 0x00, 0x1d,
|
||||
0x00, 0x0d, 0x00, 0x06, 0x00, 0x04, 0x04, 0x01, 0x08, 0x04, 0x00, 0x33,
|
||||
0x00, 0x26, 0x00, 0x24, 0x00, 0x1d, 0x00, 0x20, 0x07, 0xaa, 0xff, 0x3e,
|
||||
0x9f, 0xc1, 0x67, 0x27, 0x55, 0x44, 0xf4, 0xc3, 0xa6, 0xa1, 0x7c, 0xd8,
|
||||
0x37, 0xf2, 0xec, 0x6e, 0x78, 0xcd, 0x8a, 0x57, 0xb1, 0xe3, 0xdf, 0xb3,
|
||||
0xcc, 0x03, 0x5a, 0x76, 0x00, 0x2b, 0x00, 0x03, 0x02, 0x03, 0x04
|
||||
};
|
||||
const byte ch2_bin[] = {
|
||||
0x16, 0x03, 0x03, 0x00, 0xb7, 0x01, 0x00, 0x00, 0xb3, 0x03, 0x03, 0x01,
|
||||
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
|
||||
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
|
||||
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x20, 0x03, 0x03, 0x03, 0x03,
|
||||
0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03,
|
||||
0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03, 0x03,
|
||||
0x03, 0x03, 0x03, 0x03, 0x00, 0x02, 0x13, 0x01, 0x01, 0x00, 0x00, 0x68,
|
||||
0x00, 0x0a, 0x00, 0x08, 0x00, 0x06, 0x00, 0x18, 0x00, 0x17, 0x00, 0x1d,
|
||||
0x00, 0x0d, 0x00, 0x06, 0x00, 0x04, 0x04, 0x01, 0x08, 0x04, 0x00, 0x33,
|
||||
0x00, 0x47, 0x00, 0x45, 0x00, 0x17, 0x00, 0x41, 0x04, 0x0c, 0x90, 0x1d,
|
||||
0x42, 0x3c, 0x83, 0x1c, 0xa8, 0x5e, 0x27, 0xc7, 0x3c, 0x26, 0x3b, 0xa1,
|
||||
0x32, 0x72, 0x1b, 0xb9, 0xd7, 0xa8, 0x4c, 0x4f, 0x03, 0x80, 0xb2, 0xa6,
|
||||
0x75, 0x6f, 0xd6, 0x01, 0x33, 0x1c, 0x88, 0x70, 0x23, 0x4d, 0xec, 0x87,
|
||||
0x85, 0x04, 0xc1, 0x74, 0x14, 0x4f, 0xa4, 0xb1, 0x4b, 0x66, 0xa6, 0x51,
|
||||
0x69, 0x16, 0x06, 0xd8, 0x17, 0x3e, 0x55, 0xbd, 0x37, 0xe3, 0x81, 0x56,
|
||||
0x9e, 0x00, 0x2b, 0x00, 0x03, 0x02, 0x03, 0x04
|
||||
};
|
||||
WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL;
|
||||
WOLFSSL *ssl_c = NULL, *ssl_s = NULL;
|
||||
struct test_memio_ctx test_ctx;
|
||||
int client_group[] = {WOLFSSL_ECC_SECP521R1};
|
||||
int server_group[] = {WOLFSSL_ECC_SECP384R1, WOLFSSL_ECC_SECP256R1};
|
||||
|
||||
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
|
||||
ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
|
||||
wolfTLSv1_3_client_method, wolfTLSv1_3_server_method), 0);
|
||||
ExpectIntEQ(wolfSSL_set_groups(ssl_c,
|
||||
client_group, XELEM_CNT(client_group)), WOLFSSL_SUCCESS);
|
||||
ExpectIntEQ(wolfSSL_set_groups(ssl_s,
|
||||
server_group, XELEM_CNT(server_group)), WOLFSSL_SUCCESS);
|
||||
ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), -1);
|
||||
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), BAD_KEY_SHARE_DATA);
|
||||
|
||||
wolfSSL_free(ssl_s);
|
||||
ssl_s = NULL;
|
||||
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
|
||||
ExpectIntEQ(test_memio_setup(&test_ctx, NULL, &ctx_s, NULL, &ssl_s,
|
||||
NULL, wolfTLSv1_3_server_method), 0);
|
||||
ExpectIntEQ(wolfSSL_set_groups(ssl_s,
|
||||
server_group, XELEM_CNT(server_group)), WOLFSSL_SUCCESS);
|
||||
ExpectIntEQ(test_memio_inject_message(&test_ctx, 0, (const char*)ch1_bin,
|
||||
sizeof(ch1_bin)), 0);
|
||||
ExpectIntEQ(wolfSSL_accept(ssl_s), -1);
|
||||
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
|
||||
ExpectIntEQ(test_memio_inject_message(&test_ctx, 0, (const char*)ch2_bin,
|
||||
sizeof(ch2_bin)), 0);
|
||||
ExpectIntEQ(wolfSSL_accept(ssl_s), -1);
|
||||
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), BAD_KEY_SHARE_DATA);
|
||||
|
||||
wolfSSL_free(ssl_c);
|
||||
wolfSSL_free(ssl_s);
|
||||
wolfSSL_CTX_free(ctx_c);
|
||||
wolfSSL_CTX_free(ctx_s);
|
||||
#endif
|
||||
return EXPECT_RESULT();
|
||||
}
|
||||
|
||||
|
||||
#if defined(WOLFSSL_TLS13) && !defined(NO_RSA) && defined(HAVE_ECC) && \
|
||||
defined(HAVE_AESGCM) && !defined(NO_WOLFSSL_SERVER)
|
||||
/* Called when writing. */
|
||||
static int Tls13PTASend(WOLFSSL* ssl, char* buf, int sz, void* ctx)
|
||||
{
|
||||
(void)ssl;
|
||||
(void)buf;
|
||||
(void)ctx;
|
||||
|
||||
return sz;
|
||||
}
|
||||
static int Tls13PTARecv(WOLFSSL* ssl, char* buf, int sz, void* ctx)
|
||||
{
|
||||
WOLFSSL_BUFFER_INFO* msg = (WOLFSSL_BUFFER_INFO*)ctx;
|
||||
int len;
|
||||
|
||||
(void)ssl;
|
||||
|
||||
if (msg->length == 0) {
|
||||
/* Only do as many alerts as required to get to max alert count. */
|
||||
msg->buffer[0]--;
|
||||
if (msg->buffer[0] > 0) {
|
||||
msg->buffer -= 7;
|
||||
msg->length += 7;
|
||||
}
|
||||
else {
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
|
||||
len = (int)msg->length;
|
||||
/* Pass back as much of message as will fit in buffer. */
|
||||
if (len > sz)
|
||||
len = sz;
|
||||
XMEMCPY(buf, msg->buffer, len);
|
||||
/* Move over returned data. */
|
||||
msg->buffer += len;
|
||||
msg->length -= len;
|
||||
|
||||
/* Amount actually copied. */
|
||||
return len;
|
||||
}
|
||||
#endif
|
||||
|
||||
int test_tls13_plaintext_alert(void)
|
||||
{
|
||||
EXPECT_DECLS;
|
||||
|
||||
#if defined(WOLFSSL_TLS13) && !defined(NO_RSA) && defined(HAVE_ECC) && \
|
||||
defined(HAVE_AESGCM) && !defined(NO_WOLFSSL_SERVER)
|
||||
byte clientMsgs[] = {
|
||||
/* Client Hello */
|
||||
0x16, 0x03, 0x03, 0x01, 0x9b, 0x01, 0x00, 0x01,
|
||||
0x97, 0x03, 0x03, 0xf4, 0x65, 0xbd, 0x22, 0xfe,
|
||||
0x6e, 0xab, 0x66, 0xdd, 0xcf, 0xe9, 0x65, 0x55,
|
||||
0xe8, 0xdf, 0xc3, 0x8e, 0x4b, 0x00, 0xbc, 0xf8,
|
||||
0x23, 0x57, 0x1b, 0xa0, 0xc8, 0xa9, 0xe2, 0x8c,
|
||||
0x91, 0x6e, 0xf9, 0x20, 0xf7, 0x5c, 0xc5, 0x5b,
|
||||
0x75, 0x8c, 0x47, 0x0a, 0x0e, 0xc4, 0x1a, 0xda,
|
||||
0xef, 0x75, 0xe5, 0x21, 0x00, 0x00, 0x00, 0x00,
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x13, 0x01,
|
||||
0x13, 0x02, 0x01, 0x00, 0x01, 0x4a, 0x00, 0x2d,
|
||||
0x00, 0x03, 0x02, 0x00, 0x01, 0x00, 0x33, 0x00,
|
||||
0x47, 0x00, 0x45, 0x00, 0x17, 0x00, 0x41, 0x04,
|
||||
0x90, 0xfc, 0xe2, 0x97, 0x05, 0x7c, 0xb5, 0x23,
|
||||
0x5d, 0x5f, 0x5b, 0xcd, 0x0c, 0x1e, 0xe0, 0xe9,
|
||||
0xab, 0x38, 0x6b, 0x1e, 0x20, 0x5c, 0x1c, 0x90,
|
||||
0x2a, 0x9e, 0x68, 0x8e, 0x70, 0x05, 0x10, 0xa8,
|
||||
0x02, 0x1b, 0xf9, 0x5c, 0xef, 0xc9, 0xaf, 0xca,
|
||||
0x1a, 0x3b, 0x16, 0x8b, 0xe4, 0x1b, 0x3c, 0x15,
|
||||
0xb8, 0x0d, 0xbd, 0xaf, 0x62, 0x8d, 0xa7, 0x13,
|
||||
0xa0, 0x7c, 0xe0, 0x59, 0x0c, 0x4f, 0x8a, 0x6d,
|
||||
0x00, 0x2b, 0x00, 0x03, 0x02, 0x03, 0x04, 0x00,
|
||||
0x0d, 0x00, 0x20, 0x00, 0x1e, 0x06, 0x03, 0x05,
|
||||
0x03, 0x04, 0x03, 0x02, 0x03, 0x08, 0x06, 0x08,
|
||||
0x0b, 0x08, 0x05, 0x08, 0x0a, 0x08, 0x04, 0x08,
|
||||
0x09, 0x06, 0x01, 0x05, 0x01, 0x04, 0x01, 0x03,
|
||||
0x01, 0x02, 0x01, 0x00, 0x0a, 0x00, 0x04, 0x00,
|
||||
0x02, 0x00, 0x17, 0x00, 0x16, 0x00, 0x00, 0x00,
|
||||
0x23, 0x00, 0x00, 0x00, 0x29, 0x00, 0xb9, 0x00,
|
||||
0x94, 0x00, 0x8e, 0x0f, 0x12, 0xfa, 0x84, 0x1f,
|
||||
0x76, 0x94, 0xd7, 0x09, 0x5e, 0xad, 0x08, 0x51,
|
||||
0xb6, 0x80, 0x28, 0x31, 0x8b, 0xfd, 0xc6, 0xbd,
|
||||
0x9e, 0xf5, 0x3b, 0x4d, 0x02, 0xbe, 0x1d, 0x73,
|
||||
0xea, 0x13, 0x68, 0x00, 0x4c, 0xfd, 0x3d, 0x48,
|
||||
0x51, 0xf9, 0x06, 0xbb, 0x92, 0xed, 0x42, 0x9f,
|
||||
0x7f, 0x2c, 0x73, 0x9f, 0xd9, 0xb4, 0xef, 0x05,
|
||||
0x26, 0x5b, 0x60, 0x5c, 0x0a, 0xfc, 0xa3, 0xbd,
|
||||
0x2d, 0x2d, 0x8b, 0xf9, 0xaa, 0x5c, 0x96, 0x3a,
|
||||
0xf2, 0xec, 0xfa, 0xe5, 0x57, 0x2e, 0x87, 0xbe,
|
||||
0x27, 0xc5, 0x3d, 0x4f, 0x5d, 0xdd, 0xde, 0x1c,
|
||||
0x1b, 0xb3, 0xcc, 0x27, 0x27, 0x57, 0x5a, 0xd9,
|
||||
0xea, 0x99, 0x27, 0x23, 0xa6, 0x0e, 0xea, 0x9c,
|
||||
0x0d, 0x85, 0xcb, 0x72, 0xeb, 0xd7, 0x93, 0xe3,
|
||||
0xfe, 0xf7, 0x5c, 0xc5, 0x5b, 0x75, 0x8c, 0x47,
|
||||
0x0a, 0x0e, 0xc4, 0x1a, 0xda, 0xef, 0x75, 0xe5,
|
||||
0x21, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||
0x00, 0xfb, 0x92, 0xce, 0xaa, 0x00, 0x21, 0x20,
|
||||
0xcb, 0x73, 0x25, 0x80, 0x46, 0x78, 0x4f, 0xe5,
|
||||
0x34, 0xf6, 0x91, 0x13, 0x7f, 0xc8, 0x8d, 0xdc,
|
||||
0x81, 0x04, 0xb7, 0x0d, 0x49, 0x85, 0x2e, 0x12,
|
||||
0x7a, 0x07, 0x23, 0xe9, 0x13, 0xa4, 0x6d, 0x8c,
|
||||
0x15, 0x03, 0x03, 0x00, 0x02, 0x01, 0x00, 0x00
|
||||
};
|
||||
|
||||
WOLFSSL_CTX* ctx = NULL;
|
||||
WOLFSSL* ssl = NULL;
|
||||
WOLFSSL_BUFFER_INFO msg;
|
||||
|
||||
#ifdef WOLFSSL_TLS13_IGNORE_PT_ALERT_ON_ENC
|
||||
/* We fail on WOLFSSL_ALERT_COUNT_MAX alerts. */
|
||||
|
||||
/* Set up wolfSSL context. */
|
||||
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method()));
|
||||
ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, svrCertFile,
|
||||
CERT_FILETYPE));
|
||||
ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile,
|
||||
CERT_FILETYPE));
|
||||
if (EXPECT_SUCCESS()) {
|
||||
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_NONE, NULL);
|
||||
}
|
||||
/* Read from 'msg'. */
|
||||
wolfSSL_SetIORecv(ctx, Tls13PTARecv);
|
||||
/* No where to send to - dummy sender. */
|
||||
wolfSSL_SetIOSend(ctx, Tls13PTASend);
|
||||
|
||||
ExpectNotNull(ssl = wolfSSL_new(ctx));
|
||||
msg.buffer = clientMsgs;
|
||||
msg.length = (unsigned int)sizeof(clientMsgs) - 1;
|
||||
clientMsgs[sizeof(clientMsgs) - 1] = WOLFSSL_ALERT_COUNT_MAX;
|
||||
if (EXPECT_SUCCESS()) {
|
||||
wolfSSL_SetIOReadCtx(ssl, &msg);
|
||||
}
|
||||
/* Alert will be ignored until too many. */
|
||||
/* Read all message include CertificateVerify with invalid signature
|
||||
* algorithm. */
|
||||
ExpectIntEQ(wolfSSL_accept(ssl), WC_NO_ERR_TRACE(WOLFSSL_FATAL_ERROR));
|
||||
/* Expect an invalid parameter error. */
|
||||
ExpectIntEQ(wolfSSL_get_error(ssl, WOLFSSL_FATAL_ERROR),
|
||||
WC_NO_ERR_TRACE(ALERT_COUNT_E));
|
||||
|
||||
wolfSSL_free(ssl);
|
||||
ssl = NULL;
|
||||
wolfSSL_CTX_free(ctx);
|
||||
ctx = NULL;
|
||||
|
||||
/* Set up wolfSSL context. */
|
||||
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method()));
|
||||
ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, svrCertFile,
|
||||
CERT_FILETYPE));
|
||||
ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile,
|
||||
CERT_FILETYPE));
|
||||
if (EXPECT_SUCCESS()) {
|
||||
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_NONE, NULL);
|
||||
}
|
||||
/* Read from 'msg'. */
|
||||
wolfSSL_SetIORecv(ctx, Tls13PTARecv);
|
||||
/* No where to send to - dummy sender. */
|
||||
wolfSSL_SetIOSend(ctx, Tls13PTASend);
|
||||
|
||||
ExpectNotNull(ssl = wolfSSL_new(ctx));
|
||||
msg.buffer = clientMsgs;
|
||||
msg.length = (unsigned int)sizeof(clientMsgs) - 1;
|
||||
clientMsgs[sizeof(clientMsgs) - 1] = WOLFSSL_ALERT_COUNT_MAX - 1;
|
||||
if (EXPECT_SUCCESS()) {
|
||||
wolfSSL_SetIOReadCtx(ssl, &msg);
|
||||
}
|
||||
/* Alert will be ignored until too many. */
|
||||
/* Read all message include CertificateVerify with invalid signature
|
||||
* algorithm. */
|
||||
ExpectIntEQ(wolfSSL_accept(ssl), WC_NO_ERR_TRACE(WOLFSSL_FATAL_ERROR));
|
||||
/* Expect an invalid parameter error. */
|
||||
ExpectIntEQ(wolfSSL_get_error(ssl, WOLFSSL_FATAL_ERROR),
|
||||
WC_NO_ERR_TRACE(SOCKET_ERROR_E));
|
||||
|
||||
wolfSSL_free(ssl);
|
||||
wolfSSL_CTX_free(ctx);
|
||||
#else
|
||||
/* Fail on plaintext alert when encryption keys on. */
|
||||
|
||||
/* Set up wolfSSL context. */
|
||||
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method()));
|
||||
ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, svrCertFile,
|
||||
CERT_FILETYPE));
|
||||
ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile,
|
||||
CERT_FILETYPE));
|
||||
if (EXPECT_SUCCESS()) {
|
||||
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_NONE, NULL);
|
||||
}
|
||||
/* Read from 'msg'. */
|
||||
wolfSSL_SetIORecv(ctx, Tls13PTARecv);
|
||||
/* No where to send to - dummy sender. */
|
||||
wolfSSL_SetIOSend(ctx, Tls13PTASend);
|
||||
|
||||
ExpectNotNull(ssl = wolfSSL_new(ctx));
|
||||
msg.buffer = clientMsgs;
|
||||
msg.length = (unsigned int)sizeof(clientMsgs) - 1;
|
||||
clientMsgs[sizeof(clientMsgs) - 1] = 1;
|
||||
if (EXPECT_SUCCESS()) {
|
||||
wolfSSL_SetIOReadCtx(ssl, &msg);
|
||||
}
|
||||
/* Alert will be ignored until too many. */
|
||||
/* Read all message include CertificateVerify with invalid signature
|
||||
* algorithm. */
|
||||
ExpectIntEQ(wolfSSL_accept(ssl), WC_NO_ERR_TRACE(WOLFSSL_FATAL_ERROR));
|
||||
/* Expect an invalid parameter error. */
|
||||
ExpectIntEQ(wolfSSL_get_error(ssl, WOLFSSL_FATAL_ERROR),
|
||||
WC_NO_ERR_TRACE(PARSE_ERROR));
|
||||
|
||||
wolfSSL_free(ssl);
|
||||
wolfSSL_CTX_free(ctx);
|
||||
#endif
|
||||
#endif
|
||||
|
||||
return EXPECT_RESULT();
|
||||
}
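Review bot: The three sub-tests in test_tls13_plaintext_alert carry comments copied from another test: `/* Read all message include CertificateVerify with invalid signature algorithm. */` and `/* Expect an invalid parameter error. */` describe neither clientMsgs (a ClientHello followed by one plaintext alert record, `15 03 03 00 02 01 00`) nor the expected ALERT_COUNT_E, SOCKET_ERROR_E and PARSE_ERROR results. They should state what is asserted, e.g. `/* Plaintext alerts after the handshake keys are set are ignored until WOLFSSL_ALERT_COUNT_MAX is reached. */` before the first accept and `/* Recv callback returns -1 once the alert replay count is exhausted. */` before the second. The replay trick in Tls13PTARecv, which rewinds `msg->buffer -= 7;` to re-deliver the 7-byte alert record and uses the trailing byte of clientMsgs as a counter, needs a comment of its own since the 7 and the `clientMsgs[sizeof(clientMsgs) - 1] = ...` writes are coupled to the record layout. The context setup, IO callback wiring and msg initialisation are repeated three times and could live in one static helper taking the replay count and expected error.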
|
||||
|
||||
|
||||
+16
-12
@@ -35,18 +35,22 @@ int test_tls13_hrr_different_cs(void);
|
||||
int test_tls13_sg_missing(void);
|
||||
int test_tls13_ks_missing(void);
|
||||
int test_tls13_duplicate_extension(void);
|
||||
int test_key_share_mismatch(void);
|
||||
int test_tls13_plaintext_alert(void);
|
||||
|
||||
#define TEST_TLS13_DECLS \
|
||||
TEST_DECL_GROUP("tls13", test_tls13_apis), \
|
||||
TEST_DECL_GROUP("tls13", test_tls13_cipher_suites), \
|
||||
TEST_DECL_GROUP("tls13", test_tls13_bad_psk_binder), \
|
||||
TEST_DECL_GROUP("tls13", test_tls13_rpk_handshake), \
|
||||
TEST_DECL_GROUP("tls13", test_tls13_pq_groups), \
|
||||
TEST_DECL_GROUP("tls13", test_tls13_early_data), \
|
||||
TEST_DECL_GROUP("tls13", test_tls13_same_ch), \
|
||||
TEST_DECL_GROUP("tls13", test_tls13_hrr_different_cs), \
|
||||
TEST_DECL_GROUP("tls13", test_tls13_sg_missing), \
|
||||
TEST_DECL_GROUP("tls13", test_tls13_ks_missing), \
|
||||
TEST_DECL_GROUP("tls13", test_tls13_duplicate_extension)
|
||||
#define TEST_TLS13_DECLS \
|
||||
TEST_DECL_GROUP("tls13", test_tls13_apis), \
|
||||
TEST_DECL_GROUP("tls13", test_tls13_cipher_suites), \
|
||||
TEST_DECL_GROUP("tls13", test_tls13_bad_psk_binder), \
|
||||
TEST_DECL_GROUP("tls13", test_tls13_rpk_handshake), \
|
||||
TEST_DECL_GROUP("tls13", test_tls13_pq_groups), \
|
||||
TEST_DECL_GROUP("tls13", test_tls13_early_data), \
|
||||
TEST_DECL_GROUP("tls13", test_tls13_same_ch), \
|
||||
TEST_DECL_GROUP("tls13", test_tls13_hrr_different_cs), \
|
||||
TEST_DECL_GROUP("tls13", test_tls13_sg_missing), \
|
||||
TEST_DECL_GROUP("tls13", test_tls13_ks_missing), \
|
||||
TEST_DECL_GROUP("tls13", test_tls13_duplicate_extension), \
|
||||
TEST_DECL_GROUP("tls13", test_key_share_mismatch), \
|
||||
TEST_DECL_GROUP("tls13", test_tls13_plaintext_alert)
|
||||
|
||||
#endif /* WOLFCRYPT_TEST_TLS13_H */
|
||||
|
||||
@@ -27,6 +27,11 @@
|
||||
#ifndef TESTS_UTILS_H
|
||||
#define TESTS_UTILS_H
|
||||
|
||||
#ifdef WOLFSSL_DUMP_MEMIO_STREAM
|
||||
extern char tmpDirName[16];
|
||||
extern const char* currentTestName;
|
||||
#endif
|
||||
|
||||
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
|
||||
(!defined(NO_RSA) || defined(HAVE_RPK)) && \
|
||||
!defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) && \
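Review bot: `extern char tmpDirName[16];` repeats the size literal of the definition `char tmpDirName[16];` in the api.c hunk of this commit, so the two can drift apart without a diagnostic; a single size macro in this header used by both, or `extern char tmpDirName[];`, removes the duplication. The `int tmpDirNameSet = 0;` defined next to it in api.c is not declared here, which is fine if only api.c reads it, but it should then be `static` so that intent is visible. The `#if !defined(NO_FILESYSTEM)` block that follows continues past the hunk.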
|
||||
|
||||
@@ -13402,10 +13402,34 @@ int wc_AesInit_Label(Aes* aes, const char* label, void* heap, int devId)
|
||||
/* Free Aes resources */
|
||||
void wc_AesFree(Aes* aes)
|
||||
{
|
||||
#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_FREE)
|
||||
int ret = 0;
|
||||
#endif
|
||||
|
||||
if (aes == NULL) {
|
||||
return;
|
||||
}
|
||||
|
||||
#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_FREE)
|
||||
#ifndef WOLF_CRYPTO_CB_FIND
|
||||
if (aes->devId != INVALID_DEVID)
|
||||
#endif
|
||||
{
|
||||
ret = wc_CryptoCb_Free(aes->devId, WC_ALGO_TYPE_CIPHER,
|
||||
WC_CIPHER_AES, (void*)aes);
|
||||
/* If they want the standard free, they can call it themselves */
|
||||
/* via their callback setting devId to INVALID_DEVID */
|
||||
/* otherwise assume the callback handled it */
|
||||
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
|
||||
return;
|
||||
/* fall-through when unavailable */
|
||||
}
|
||||
|
||||
/* silence compiler warning */
|
||||
(void)ret;
|
||||
|
||||
#endif /* WOLF_CRYPTO_CB && WOLF_CRYPTO_CB_FREE */
|
||||
|
||||
#ifdef WC_DEBUG_CIPHER_LIFECYCLE
|
||||
(void)wc_debug_CipherLifecycleFree(&aes->CipherLifecycleTag, aes->heap, 1);
|
||||
#endif
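Review bot: The early `return;` taken when `ret = wc_CryptoCb_Free(...)` yields anything other than CRYPTOCB_UNAVAILABLE skips everything that follows in wc_AesFree, including the `wc_debug_CipherLifecycleFree` call visible below and whatever clearing of the expanded key the rest of the function does, on the strength of "otherwise assume the callback handled it". That contract — a callback that reports success must itself clear the software key material or re-enter wc_AesFree with devId set to INVALID_DEVID, as test_CryptoCb_Func in this commit does — belongs in the documentation of WOLF_CRYPTO_CB_FREE rather than only in these three inline comments, because a callback that merely releases a hardware handle will leave the key schedule in memory. `(void)ret;` is redundant now that ret is compared on the line above. wc_AesFree continues past the hunk.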
|
||||
|
||||
+31
-30
@@ -104,6 +104,9 @@ ASN Options:
|
||||
* DO NOT enable this unless required for interoperability.
|
||||
* WOLFSSL_ASN_EXTRA: Make more ASN.1 APIs available regardless of internal
|
||||
* usage.
|
||||
* WOLFSSL_ALLOW_AKID_SKID_MATCH: By default cert issuer is found using hash
|
||||
* of cert subject hash with signers subject hash. This option allows fallback
|
||||
* to using AKID and SKID matching.
|
||||
*/
|
||||
|
||||
#ifndef NO_RSA
|
||||
@@ -21339,42 +21342,25 @@ static int DecodeAuthKeyIdInternal(const byte* input, word32 sz,
|
||||
ret = DecodeAuthKeyId(input, sz, &extAuthKeyId, &extAuthKeyIdSz,
|
||||
&extAuthKeyIdIssuer, &extAuthKeyIdIssuerSz, &extAuthKeyIdIssuerSN,
|
||||
&extAuthKeyIdIssuerSNSz);
|
||||
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
|
||||
#ifndef WOLFSSL_ASN_TEMPLATE
|
||||
|
||||
if (extAuthKeyIdSz == 0)
|
||||
{
|
||||
if (ret != 0) {
|
||||
cert->extAuthKeyIdSet = 0;
|
||||
return 0;
|
||||
return ret;
|
||||
}
|
||||
|
||||
cert->extAuthKeyIdSz = extAuthKeyIdSz;
|
||||
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
#ifdef WOLFSSL_AKID_NAME
|
||||
cert->extRawAuthKeyIdSrc = input;
|
||||
cert->extRawAuthKeyIdSz = sz;
|
||||
#endif
|
||||
cert->extAuthKeyIdSrc = extAuthKeyId;
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
|
||||
return GetHashId(extAuthKeyId, extAuthKeyIdSz, cert->extAuthKeyId,
|
||||
HashIdAlg(cert->signatureOID));
|
||||
#else
|
||||
|
||||
/* Each field is optional */
|
||||
if (extAuthKeyIdSz > 0) {
|
||||
#ifdef OPENSSL_EXTRA
|
||||
cert->extAuthKeyIdSrc = extAuthKeyId;
|
||||
cert->extAuthKeyIdSet = 1;
|
||||
cert->extAuthKeyIdSz = extAuthKeyIdSz;
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
|
||||
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
|
||||
cert->extAuthKeyIdSrc = extAuthKeyId;
|
||||
#endif
|
||||
|
||||
/* Get the hash or hash of the hash if wrong size. */
|
||||
ret = GetHashId(extAuthKeyId, (int)extAuthKeyIdSz, cert->extAuthKeyId,
|
||||
HashIdAlg(cert->signatureOID));
|
||||
}
|
||||
|
||||
#ifdef WOLFSSL_AKID_NAME
|
||||
if (ret == 0 && extAuthKeyIdIssuerSz > 0) {
|
||||
cert->extAuthKeyIdIssuer = extAuthKeyIdIssuer;
|
||||
@@ -21386,15 +21372,15 @@ static int DecodeAuthKeyIdInternal(const byte* input, word32 sz,
|
||||
}
|
||||
#endif /* WOLFSSL_AKID_NAME */
|
||||
if (ret == 0) {
|
||||
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_AKID_NAME)
|
||||
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
|
||||
defined(WOLFSSL_AKID_NAME)
|
||||
/* Store the raw authority key id. */
|
||||
cert->extRawAuthKeyIdSrc = input;
|
||||
cert->extRawAuthKeyIdSz = sz;
|
||||
#endif /* OPENSSL_EXTRA */
|
||||
#endif
|
||||
}
|
||||
|
||||
return ret;
|
||||
#endif /* WOLFSSL_ASN_TEMPLATE */
|
||||
}
|
||||
|
||||
/* Decode subject key id extension.
|
||||
@@ -25723,7 +25709,22 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm,
|
||||
}
|
||||
if (cert->ca != NULL && XMEMCMP(cert->issuerHash,
|
||||
cert->ca->subjectNameHash, KEYID_SIZE) != 0) {
|
||||
cert->ca = NULL;
|
||||
#ifdef WOLFSSL_ALLOW_AKID_SKID_MATCH
|
||||
/* if hash of cert subject does not match hash of issuer
|
||||
* then try with AKID/SKID if available */
|
||||
if (cert->extAuthKeyIdSet && cert->extAuthKeyIdSz > 0 &&
|
||||
cert->extAuthKeyIdSz ==
|
||||
(word32)sizeof(cert->ca->subjectKeyIdHash) &&
|
||||
XMEMCMP(cert->extAuthKeyId, cert->ca->subjectKeyIdHash,
|
||||
cert->extAuthKeyIdSz) == 0) {
|
||||
WOLFSSL_MSG("Cert AKID matches CA SKID");
|
||||
}
|
||||
else
|
||||
#endif
|
||||
{
|
||||
WOLFSSL_MSG("Cert subject hash does not match issuer hash");
|
||||
cert->ca = NULL;
|
||||
}
|
||||
}
|
||||
if (cert->ca == NULL) {
|
||||
cert->ca = GetCAByName(cm, cert->issuerHash);
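Review bot: The new fallback guards on `cert->extAuthKeyIdSz == (word32)sizeof(cert->ca->subjectKeyIdHash)` and compares `cert->extAuthKeyIdSz` bytes, but the DecodeAuthKeyIdInternal hunk in this commit stores `cert->extAuthKeyId` through GetHashId (hashed when the raw value is not KEYID_SIZE) while keeping the raw length in `cert->extAuthKeyIdSz`, so an AKID of any other length is skipped even though both sides are already normalised; unless restricting the fallback to unhashed ids is deliberate, `cert->extAuthKeyIdSet && XMEMCMP(cert->extAuthKeyId, cert->ca->subjectKeyIdHash, KEYID_SIZE) == 0` is the comparison that matches the stored data. In the WOLFSSL_ASN_TEMPLATE branch I cannot tell from this rendering whether the `cert->extAuthKeyIdSet = 1;` and `cert->extAuthKeyIdSz = extAuthKeyIdSz;` assignments remain inside `#ifdef OPENSSL_EXTRA`; if they do, the fallback is dead in template builds without OPENSSL_EXTRA. Accepting a chain link on an AKID/SKID match when the issuer name does not match the CA subject departs from RFC 5280 §6.1.3 (a)(4), which requires the name match and treats key identifiers only as a selection hint, so the option text at the top of the file should carry the same line its neighbour has: `* DO NOT enable this unless required for interoperability.`. The signature is still checked against the selected CA later, which bounds the effect, but the CA then is one the certificate's issuer field does not name. ParseCertRelative starts before the hunk and continues after it.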
|
||||
|
||||
@@ -202,6 +202,15 @@ int wc_curve25519_make_pub(int public_size, byte* pub, int private_size,
|
||||
#endif /* !WOLFSSL_CURVE25519_BLINDING */
|
||||
#endif /* FREESCALE_LTC_ECC */
|
||||
|
||||
/* If WOLFSSL_CURVE25519_BLINDING is defined, this check is run in
|
||||
* wc_curve25519_make_pub_blind since it could be called directly. */
|
||||
#if !defined(WOLFSSL_CURVE25519_BLINDING) || defined(FREESCALE_LTC_ECC)
|
||||
if (ret == 0) {
|
||||
ret = wc_curve25519_check_public(pub, (word32)public_size,
|
||||
EC25519_LITTLE_ENDIAN);
|
||||
}
|
||||
#endif
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
@@ -297,6 +306,11 @@ int wc_curve25519_make_pub_blind(int public_size, byte* pub, int private_size,
|
||||
ret = curve25519_smul_blind(pub, priv, (byte*)kCurve25519BasePoint, rng);
|
||||
#endif
|
||||
|
||||
if (ret == 0) {
|
||||
ret = wc_curve25519_check_public(pub, (word32)public_size,
|
||||
EC25519_LITTLE_ENDIAN);
|
||||
}
|
||||
|
||||
return ret;
|
||||
}
|
||||
#endif
|
||||
@@ -463,11 +477,6 @@ int wc_curve25519_make_key(WC_RNG* rng, int keysize, curve25519_key* key)
|
||||
ret = wc_curve25519_make_pub((int)sizeof(key->p.point), key->p.point,
|
||||
(int)sizeof(key->k), key->k);
|
||||
#endif
|
||||
if (ret == 0) {
|
||||
ret = wc_curve25519_check_public(key->p.point,
|
||||
(word32)sizeof(key->p.point),
|
||||
EC25519_LITTLE_ENDIAN);
|
||||
}
|
||||
key->pubSet = (ret == 0);
|
||||
}
|
||||
#endif
|
||||
|
||||
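Review bot: Only the branch of wc_curve25519_make_key that calls wc_curve25519_make_pub (the lines just above the `#endif` at the top of the third hunk) still validates `key->p.point` now that the standalone wc_curve25519_check_public call is gone; whatever the `#ifdef` above it selects is outside the hunk, and if that branch fills the point without going through make_pub it now sets `key->pubSet = (ret == 0)` on an unchecked point. Please confirm that branch validates on its own, and record the dependency where the old call stood: `/* public point is validated inside wc_curve25519_make_pub()/_blind(); no separate check here */`. The condition `!defined(WOLFSSL_CURVE25519_BLINDING) || defined(FREESCALE_LTC_ECC)` in the first hunk only reads correctly together with the comment above it, so wc_curve25519_make_pub_blind in the second hunk deserves a matching one-line note saying it performs the check itself because callers may reach it directly. wc_curve25519_make_key's body begins before the hunk.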
@@ -1127,6 +1127,9 @@ int wc_ed25519_export_public(const ed25519_key* key, byte* out, word32* outLen)
|
||||
return BUFFER_E;
|
||||
}
|
||||
|
||||
if (!key->pubKeySet)
|
||||
return PUBLIC_KEY_E;
|
||||
|
||||
*outLen = ED25519_PUB_KEY_SIZE;
|
||||
XMEMCPY(out, key->p, ED25519_PUB_KEY_SIZE);
|
||||
|
||||
@@ -1368,7 +1371,7 @@ int wc_ed25519_export_private_only(const ed25519_key* key, byte* out, word32* ou
|
||||
int wc_ed25519_export_private(const ed25519_key* key, byte* out, word32* outLen)
|
||||
{
|
||||
/* sanity checks on arguments */
|
||||
if (key == NULL || out == NULL || outLen == NULL)
|
||||
if (key == NULL || !key->privKeySet || out == NULL || outLen == NULL)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
if (*outLen < ED25519_PRV_KEY_SIZE) {
|
||||
@@ -1398,6 +1401,8 @@ int wc_ed25519_export_key(const ed25519_key* key,
|
||||
|
||||
/* export public part */
|
||||
ret = wc_ed25519_export_public(key, pub, pubSz);
|
||||
if (ret == WC_NO_ERR_TRACE(PUBLIC_KEY_E))
|
||||
ret = 0; /* ignore no public key */
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
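Review bot: Ignoring PUBLIC_KEY_E in wc_ed25519_export_key (third hunk) leaves `*pubSz` at whatever the caller passed in and `pub` untouched, because wc_ed25519_export_public (first hunk) returns before it writes `*outLen`, so a caller that receives 0 cannot tell an exported public key from an absent one. Set the length explicitly when the error is swallowed, `if (ret == WC_NO_ERR_TRACE(PUBLIC_KEY_E)) { *pubSz = 0; ret = 0; /* no public key present */ }`, and state in the function's header comment that the public part is optional and `*pubSz == 0` signals it was not present. Separately, the new guard in wc_ed25519_export_private (second hunk) reports a missing private key as BAD_FUNC_ARG while the public-key counterpart uses PUBLIC_KEY_E; if the asymmetry is deliberate, a one-line comment saying so will stop the next reader from "fixing" it. All three functions begin outside their hunks.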
+21
-3
@@ -5455,7 +5455,6 @@ static int PKCS7_VerifySignedData(wc_PKCS7* pkcs7, const byte* hashBuf,
|
||||
if (ret == 0 && GetMyVersion(pkiMsg, &idx, &version, pkiMsgSz) < 0)
|
||||
ret = ASN_PARSE_E;
|
||||
|
||||
|
||||
/* version 1 follows RFC 2315 */
|
||||
/* version 3 follows RFC 4108 */
|
||||
if (ret == 0 && (version != 1 && version != 3)) {
|
||||
@@ -5673,6 +5672,15 @@ static int PKCS7_VerifySignedData(wc_PKCS7* pkcs7, const byte* hashBuf,
|
||||
* this as start of content. */
|
||||
localIdx = start;
|
||||
pkcs7->contentIsPkcs7Type = 1;
|
||||
|
||||
#ifndef NO_PKCS7_STREAM
|
||||
/* Set streaming variables for PKCS#7 type content.
|
||||
* length contains the size from [0] EXPLICIT wrapper */
|
||||
pkcs7->stream->multi = 0;
|
||||
pkcs7->stream->currContIdx = localIdx;
|
||||
pkcs7->stream->currContSz = (word32)length;
|
||||
pkcs7->stream->currContRmnSz = (word32)length;
|
||||
#endif
|
||||
}
|
||||
else {
|
||||
/* CMS eContent OCTET_STRING */
|
||||
@@ -5762,7 +5770,6 @@ static int PKCS7_VerifySignedData(wc_PKCS7* pkcs7, const byte* hashBuf,
|
||||
idx = localIdx;
|
||||
}
|
||||
else {
|
||||
|
||||
/* If either pkcs7->content and pkcs7->contentSz are set
|
||||
* (detached signature where user has set content explicitly
|
||||
* into pkcs7->content/contentSz) OR pkcs7->hashBuf and
|
||||
@@ -5862,7 +5869,7 @@ static int PKCS7_VerifySignedData(wc_PKCS7* pkcs7, const byte* hashBuf,
|
||||
|
||||
/* copy content to pkcs7->contentDynamic */
|
||||
if (keepContent && pkcs7->stream->content &&
|
||||
pkcs7->stream->contentSz >0) {
|
||||
pkcs7->stream->contentSz > 0) {
|
||||
pkcs7->contentDynamic = (byte*)XMALLOC(pkcs7->stream->contentSz,
|
||||
pkcs7->heap, DYNAMIC_TYPE_PKCS7);
|
||||
if (pkcs7->contentDynamic == NULL) {
|
||||
@@ -6412,6 +6419,17 @@ static int PKCS7_VerifySignedData(wc_PKCS7* pkcs7, const byte* hashBuf,
|
||||
NO_USER_CHECK) < 0)
|
||||
ret = ASN_PARSE_E;
|
||||
|
||||
/* Update degenerate flag based on if signerInfos SET is empty.
|
||||
* The earlier degenerate check at digestAlgorithms is an early
|
||||
* optimization, but depending on degenerate case may not be
|
||||
* detected until here. */
|
||||
if (ret == 0) {
|
||||
degenerate = (length == 0) ? 1 : 0;
|
||||
#ifndef NO_PKCS7_STREAM
|
||||
pkcs7->stream->degenerate = (degenerate != 0);
|
||||
#endif
|
||||
}
|
||||
|
||||
if (ret != 0)
|
||||
break;
|
||||
#ifndef NO_PKCS7_STREAM
|
||||
|
||||
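Review bot: The new streaming setup in PKCS7_VerifySignedData (second hunk) casts `length` to word32 three times without a visible check that it is non-negative or that `localIdx + length` stays within `pkiMsgSz`; the preceding ASN parsing presumably established that, but it is outside the hunk. Either a comment at the `#ifndef NO_PKCS7_STREAM` block naming where the bound was checked, or a guard `if (length < 0) { ret = ASN_PARSE_E; }` ahead of the assignments, would make the invariant explicit. The degenerate update in the last hunk is unconditional, so it overrides whatever the earlier digestAlgorithms check decided; the comment says that is intended, but it should also say what happens when the two disagree (empty digestAlgorithms with a non-empty signerInfos SET now continues with `degenerate = 0`). The function starts and ends outside the hunks.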
@@ -759,6 +759,9 @@ static Error caamAes(struct DescStruct* desc)
|
||||
ctx[ctxIdx] = buf;
|
||||
sz += buf->dataSz;
|
||||
|
||||
if (ctx[ctxIdx]->dataSz + offset > (MAX_CTX * sizeof(UINT4))) {
|
||||
return SizeIsTooLarge;
|
||||
}
|
||||
memcpy((unsigned char*)&local[offset],
|
||||
(unsigned char*)ctx[ctxIdx]->data, ctx[ctxIdx]->dataSz);
|
||||
offset += ctx[ctxIdx]->dataSz;
|
||||
@@ -958,6 +961,9 @@ static Error caamAead(struct DescStruct* desc)
|
||||
ctx[ctxIdx] = buf;
|
||||
sz += buf->dataSz;
|
||||
|
||||
if (ctx[ctxIdx]->dataSz + offset > (MAX_CTX * sizeof(UINT4))) {
|
||||
return SizeIsTooLarge;
|
||||
}
|
||||
memcpy((unsigned char*)&local[offset],
|
||||
(unsigned char*)ctx[ctxIdx]->data, ctx[ctxIdx]->dataSz);
|
||||
offset += ctx[ctxIdx]->dataSz;
|
||||
|
||||
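Review bot: The new bound in caamAes and caamAead, `if (ctx[ctxIdx]->dataSz + offset > (MAX_CTX * sizeof(UINT4)))`, is written as a sum, so if `dataSz` and `offset` are unsigned 32-bit values and `dataSz` comes from the descriptor, a large value can wrap the sum below the limit and the memcpy that follows still overruns `local`. Rewrite the comparison so it cannot overflow, `if (ctx[ctxIdx]->dataSz > (MAX_CTX * sizeof(UINT4)) - offset)`, which is safe as long as `offset` only ever grows by amounts that passed this check. The check is duplicated verbatim in both hunks; a small static helper shared by both would keep the copies from drifting. Both functions start and end outside their hunks, so whether `sz` and `ctx[ctxIdx]` need unwinding on the early return cannot be seen here.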
@@ -813,7 +813,6 @@ static int _InitRng(WC_RNG* rng, byte* nonce, word32 nonceSz,
|
||||
#ifdef HAVE_HASHDRBG
|
||||
word32 seedSz = SEED_SZ + SEED_BLOCK_SZ;
|
||||
WC_DECLARE_VAR(seed, byte, MAX_SEED_SZ, rng->heap);
|
||||
int drbg_instantiated = 0;
|
||||
#ifdef WOLFSSL_SMALL_STACK_CACHE
|
||||
int drbg_scratch_instantiated = 0;
|
||||
#endif
|
||||
@@ -1025,8 +1024,6 @@ static int _InitRng(WC_RNG* rng, byte* nonce, word32 nonceSz,
|
||||
ret = Hash_DRBG_Instantiate((DRBG_internal *)rng->drbg,
|
||||
seed + SEED_BLOCK_SZ, seedSz - SEED_BLOCK_SZ,
|
||||
nonce, nonceSz, rng->heap, devId);
|
||||
if (ret == 0)
|
||||
drbg_instantiated = 1;
|
||||
} /* ret == 0 */
|
||||
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
@@ -1038,8 +1035,6 @@ static int _InitRng(WC_RNG* rng, byte* nonce, word32 nonceSz,
|
||||
WC_FREE_VAR_EX(seed, rng->heap, DYNAMIC_TYPE_SEED);
|
||||
|
||||
if (ret != DRBG_SUCCESS) {
|
||||
if (drbg_instantiated)
|
||||
(void)Hash_DRBG_Uninstantiate((DRBG_internal *)rng->drbg);
|
||||
#if !defined(WOLFSSL_NO_MALLOC) || defined(WOLFSSL_STATIC_MEMORY)
|
||||
XFREE(rng->drbg, rng->heap, DYNAMIC_TYPE_RNG);
|
||||
#endif
|
||||
|
||||
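Review bot: Dropping `drbg_instantiated` removes the Hash_DRBG_Uninstantiate call on the `ret != DRBG_SUCCESS` path (third hunk), so if Hash_DRBG_Instantiate ever returns an error after writing seed material into `rng->drbg`, that memory now reaches XFREE without being cleared. The simplification presumably rests on Hash_DRBG_Instantiate leaving no state behind on failure; if that is the contract, record it at the free, `/* Hash_DRBG_Instantiate() leaves rng->drbg untouched on failure; nothing to uninstantiate here. */`, and otherwise keep an unconditional ForceZero of `rng->drbg` (over the size it was allocated with) ahead of the XFREE. _InitRng begins and ends outside the hunks.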
@@ -913,6 +913,7 @@ int wc_LmsKey_Reload(LmsKey* key)
|
||||
/* Reload the key ready for signing. */
|
||||
ret = wc_hss_reload_key(state, key->priv_raw, &key->priv,
|
||||
key->priv_data, NULL);
|
||||
wc_lmskey_state_free(state);
|
||||
}
|
||||
ForceZero(state, sizeof(LmsState));
|
||||
WC_FREE_VAR_EX(state, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
|
||||
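Review bot: `ForceZero(state, sizeof(LmsState))` sits after the block that releases the state's sub-allocations and just before WC_FREE_VAR_EX, which is the right order for scrubbing key-derived material, but it runs on every path that reaches it, including any where `state` was never populated. If WC_DECLARE_VAR can leave `state` NULL on allocation failure and the function does not return before this point (the allocation is outside the hunk), guard it: `if (state != NULL) ForceZero(state, sizeof(LmsState));`. A short comment, `/* scrub working state: it holds material derived from priv_raw */`, would also tell the reader why this buffer is zeroed before release. wc_LmsKey_Reload starts outside the hunk.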
@@ -2764,7 +2764,8 @@ static int Pkcs11ECDH(Pkcs11Session* session, wc_CryptoInfo* info)
|
||||
|
||||
if (ret == 0) {
|
||||
secSz = *info->pk.ecdh.outlen;
|
||||
if (secSz > (CK_ULONG)info->pk.ecdh.private_key->dp->size)
|
||||
if (info->pk.ecdh.private_key->dp != NULL &&
|
||||
secSz > (CK_ULONG)info->pk.ecdh.private_key->dp->size)
|
||||
secSz = info->pk.ecdh.private_key->dp->size;
|
||||
|
||||
params.kdf = CKD_NULL;
|
||||
|
||||
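Review bot: The added `dp != NULL` check in Pkcs11ECDH only skips the clamp, so when the private key carries no curve parameters `secSz` stays at `*info->pk.ecdh.outlen`, i.e. the caller's buffer size, and the derive proceeds with that as the requested secret length. If a key without `dp` is a legitimate input here, say so next to the check, `/* no curve params: use caller's outlen as the secret size */`; if it is not, returning BAD_FUNC_ARG is the clearer outcome. The function starts and ends outside the hunk.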
@@ -58,7 +58,7 @@ data, use this implementation to seed and re-seed the DRBG.
|
||||
#define MAX_NOISE_CNT (MAX_ENTROPY_BITS * 8 + ENTROPY_EXTRA)
|
||||
|
||||
/* MemUse entropy global state initialized. */
|
||||
static int entropy_memuse_initialized = 0;
|
||||
static volatile int entropy_memuse_initialized = 0;
|
||||
/* Global SHA-3 object used for conditioning entropy and creating noise. */
|
||||
static wc_Sha3 entropyHash;
|
||||
/* Reset the health tests. */
|
||||
@@ -740,6 +740,21 @@ int wc_Entropy_Get(int bits, unsigned char* entropy, word32 len)
|
||||
int noise_len = (bits + ENTROPY_EXTRA) / ENTROPY_MIN;
|
||||
static byte noise[MAX_NOISE_CNT];
|
||||
|
||||
#ifdef HAVE_FIPS
|
||||
/* FIPS KATs, e.g. EccPrimitiveZ_KnownAnswerTest(), call wc_Entropy_Get()
|
||||
* incidental to wc_InitRng(), without first calling Entropy_Init(), neither
|
||||
* directly, nor indirectly via wolfCrypt_Init(). This matters, because
|
||||
* KATs must be usable before wolfCrypt_Init() (indeed, in the library
|
||||
* embodiment, the HMAC KAT always runs before wolfCrypt_Init(), incidental
|
||||
* to fipsEntry()). Without the InitSha3() under Entropy_Init(), the
|
||||
* SHA3_BLOCK function pointer is null when Sha3Update() is called by
|
||||
* Entropy_MemUse(), which ends badly.
|
||||
*/
|
||||
if (!entropy_memuse_initialized) {
|
||||
ret = Entropy_Init();
|
||||
}
|
||||
#endif
|
||||
|
||||
/* Lock the mutex as collection uses globals. */
|
||||
if ((ret == 0) && (wc_LockMutex(&entropy_mutex) != 0)) {
|
||||
ret = BAD_MUTEX_E;
|
||||
@@ -851,6 +866,19 @@ int Entropy_Init(void)
|
||||
#if !defined(SINGLE_THREADED) && !defined(WOLFSSL_MUTEX_INITIALIZER)
|
||||
ret = wc_InitMutex(&entropy_mutex);
|
||||
#endif
|
||||
if (ret == 0)
|
||||
ret = wc_LockMutex(&entropy_mutex);
|
||||
|
||||
if (entropy_memuse_initialized) {
|
||||
/* Short circuit return -- a competing thread initialized the state
|
||||
* while we were waiting. Note, this is only threadsafe when
|
||||
* WOLFSSL_MUTEX_INITIALIZER is defined.
|
||||
*/
|
||||
if (ret == 0)
|
||||
wc_UnLockMutex(&entropy_mutex);
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (ret == 0) {
|
||||
/* Initialize a SHA3-256 object for use in entropy operations. */
|
||||
ret = wc_InitSha3_256(&entropyHash, NULL, INVALID_DEVID);
|
||||
@@ -872,6 +900,10 @@ int Entropy_Init(void)
|
||||
Entropy_StopThread();
|
||||
#endif
|
||||
}
|
||||
|
||||
if (ret != WC_NO_ERR_TRACE(BAD_MUTEX_E)) {
|
||||
wc_UnLockMutex(&entropy_mutex);
|
||||
}
|
||||
}
|
||||
|
||||
return ret;
|
||||
|
||||
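Review bot: `entropy_memuse_initialized` is now read outside the mutex in wc_Entropy_Get (second hunk), and `volatile` does not make that read a synchronization point; two threads can both observe 0 and both enter Entropy_Init, which is only made safe by the re-check in the third hunk and, as its own comment admits, only when WOLFSSL_MUTEX_INITIALIZER is defined, because otherwise the wc_InitMutex call itself races. Spell that out at the call site, `/* Unlocked read; Entropy_Init() re-checks under the mutex. Without WOLFSSL_MUTEX_INITIALIZER a concurrent first use is a race. */`, and consider an atomic integer type for the flag where the build supports one. In the short-circuit path of Entropy_Init the `return 0` also discards a failed wc_LockMutex (`ret != 0`), so a lock error is reported as success; `return ret;` would preserve it, or the early return should be taken only when `ret == 0`. Both functions begin outside their hunks.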
+174
-98
@@ -7402,7 +7402,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_md5_test(void)
|
||||
testVector a, b, c, d;
|
||||
testVector test_hmac[4];
|
||||
|
||||
wc_test_ret_t ret;
|
||||
wc_test_ret_t ret = WC_TEST_RET_ENC_NC;
|
||||
int times = sizeof(test_hmac) / sizeof(testVector), i;
|
||||
WOLFSSL_ENTER("hmac_md5_test");
|
||||
|
||||
@@ -7440,6 +7440,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_md5_test(void)
|
||||
test_hmac[2] = c;
|
||||
test_hmac[3] = d;
|
||||
|
||||
XMEMSET(&hmac, 0, sizeof(hmac));
|
||||
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || FIPS_VERSION3_GT(7,0,0))
|
||||
WC_ALLOC_VAR_EX(hmac_copy, Hmac, 1, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER,
|
||||
return WC_TEST_RET_ENC_EC(MEMORY_E));
|
||||
@@ -7454,29 +7455,29 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_md5_test(void)
|
||||
|
||||
ret = wc_HmacInit(&hmac, HEAP_HINT, devId);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
|
||||
ret = wc_HmacSetKey(&hmac, WC_MD5, (byte*)keys[i],
|
||||
(word32)XSTRLEN(keys[i]));
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
|
||||
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || FIPS_VERSION3_GT(7,0,0))
|
||||
ret = wc_HmacCopy(&hmac, hmac_copy);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
#endif
|
||||
|
||||
ret = wc_HmacUpdate(&hmac, (byte*)test_hmac[i].input,
|
||||
(word32)test_hmac[i].inLen);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
ret = wc_HmacFinal(&hmac, hash);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
|
||||
if (XMEMCMP(hash, test_hmac[i].output, WC_MD5_DIGEST_SIZE) != 0)
|
||||
return WC_TEST_RET_ENC_I(i);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
|
||||
|
||||
wc_HmacFree(&hmac);
|
||||
|
||||
@@ -7484,28 +7485,35 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_md5_test(void)
|
||||
ret = wc_HmacUpdate(hmac_copy, (byte*)test_hmac[i].input,
|
||||
(word32)test_hmac[i].inLen);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
ret = wc_HmacFinal(hmac_copy, hash);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
|
||||
if (XMEMCMP(hash, test_hmac[i].output, WC_MD5_DIGEST_SIZE) != 0)
|
||||
return WC_TEST_RET_ENC_I(i);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
|
||||
|
||||
wc_HmacFree(hmac_copy);
|
||||
#endif
|
||||
}
|
||||
|
||||
out:
|
||||
|
||||
wc_HmacFree(&hmac);
|
||||
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || FIPS_VERSION3_GT(7,0,0))
|
||||
wc_HmacFree(hmac_copy);
|
||||
WC_FREE_VAR_EX(hmac_copy, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#endif
|
||||
|
||||
#if !defined(HAVE_FIPS) || FIPS_VERSION3_GE(6,0,0)
|
||||
if ((ret = wc_HmacSizeByType(WC_MD5)) != WC_MD5_DIGEST_SIZE)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
if (ret == 0) {
|
||||
if ((ret = wc_HmacSizeByType(WC_MD5)) != WC_MD5_DIGEST_SIZE)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ret = 0;
|
||||
}
|
||||
#endif
|
||||
|
||||
return 0;
|
||||
return ret;
|
||||
}
|
||||
#endif /* !NO_HMAC && !NO_MD5 && (!HAVE_FIPS || (HAVE_FIPS_VERSION < 5)) */
|
||||
|
||||
@@ -7535,7 +7543,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha_test(void)
|
||||
testVector a, b, c, d;
|
||||
testVector test_hmac[4];
|
||||
|
||||
wc_test_ret_t ret;
|
||||
wc_test_ret_t ret = WC_TEST_RET_ENC_NC;
|
||||
int times = sizeof(test_hmac) / sizeof(testVector), i;
|
||||
|
||||
#if FIPS_VERSION3_GE(6,0,0)
|
||||
@@ -7577,6 +7585,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha_test(void)
|
||||
test_hmac[2] = c;
|
||||
test_hmac[3] = d;
|
||||
|
||||
XMEMSET(&hmac, 0, sizeof(hmac));
|
||||
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || FIPS_VERSION3_GT(7,0,0))
|
||||
WC_ALLOC_VAR_EX(hmac_copy, Hmac, 1, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER,
|
||||
return WC_TEST_RET_ENC_EC(MEMORY_E));
|
||||
@@ -7589,38 +7598,38 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha_test(void)
|
||||
#endif
|
||||
|
||||
if ((ret = wc_HmacInit(&hmac, HEAP_HINT, devId)) != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
|
||||
ret = wc_HmacSetKey(&hmac, WC_SHA, (byte*)keys[i],
|
||||
(word32)XSTRLEN(keys[i]));
|
||||
#if FIPS_VERSION3_GE(6,0,0)
|
||||
if (i == 1) {
|
||||
if (ret != WC_NO_ERR_TRACE(HMAC_MIN_KEYLEN_E))
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
/* Now use the ex and allow short keys with FIPS option */
|
||||
ret = wc_HmacSetKey_ex(&hmac, WC_SHA, (byte*) keys[i],
|
||||
(word32)XSTRLEN(keys[i]), allowShortKeyWithFips);
|
||||
}
|
||||
#endif
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
|
||||
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || FIPS_VERSION3_GT(7,0,0))
|
||||
ret = wc_HmacCopy(&hmac, hmac_copy);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
#endif
|
||||
|
||||
ret = wc_HmacUpdate(&hmac, (byte*)test_hmac[i].input,
|
||||
(word32)test_hmac[i].inLen);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
ret = wc_HmacFinal(&hmac, hash);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
|
||||
if (XMEMCMP(hash, test_hmac[i].output, WC_SHA_DIGEST_SIZE) != 0)
|
||||
return WC_TEST_RET_ENC_I(i);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
|
||||
|
||||
wc_HmacFree(&hmac);
|
||||
|
||||
@@ -7628,28 +7637,35 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha_test(void)
|
||||
ret = wc_HmacUpdate(hmac_copy, (byte*)test_hmac[i].input,
|
||||
(word32)test_hmac[i].inLen);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
ret = wc_HmacFinal(hmac_copy, hash);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
|
||||
if (XMEMCMP(hash, test_hmac[i].output, WC_SHA_DIGEST_SIZE) != 0)
|
||||
return WC_TEST_RET_ENC_I(i);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
|
||||
|
||||
wc_HmacFree(hmac_copy);
|
||||
#endif
|
||||
}
|
||||
|
||||
out:
|
||||
|
||||
wc_HmacFree(&hmac);
|
||||
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || FIPS_VERSION3_GT(7,0,0))
|
||||
wc_HmacFree(hmac_copy);
|
||||
WC_FREE_VAR_EX(hmac_copy, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#endif
|
||||
|
||||
#if !defined(HAVE_FIPS) || FIPS_VERSION3_GE(6,0,0)
|
||||
if ((ret = wc_HmacSizeByType(WC_SHA)) != WC_SHA_DIGEST_SIZE)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
if (ret == 0) {
|
||||
if ((ret = wc_HmacSizeByType(WC_SHA)) != WC_SHA_DIGEST_SIZE)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ret = 0;
|
||||
}
|
||||
#endif
|
||||
|
||||
return 0;
|
||||
return ret;
|
||||
}
|
||||
#endif
|
||||
|
||||
@@ -7684,7 +7700,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha224_test(void)
|
||||
testVector a, b, c, d;
|
||||
testVector test_hmac[4];
|
||||
|
||||
wc_test_ret_t ret;
|
||||
wc_test_ret_t ret = WC_TEST_RET_ENC_NC;
|
||||
int times = sizeof(test_hmac) / sizeof(testVector), i;
|
||||
WOLFSSL_ENTER("hmac_sha224_test");
|
||||
|
||||
@@ -7720,6 +7736,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha224_test(void)
|
||||
test_hmac[2] = c;
|
||||
test_hmac[3] = d;
|
||||
|
||||
XMEMSET(&hmac, 0, sizeof(hmac));
|
||||
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || FIPS_VERSION3_GT(7,0,0))
|
||||
WC_ALLOC_VAR_EX(hmac_copy, Hmac, 1, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER,
|
||||
return WC_TEST_RET_ENC_EC(MEMORY_E));
|
||||
@@ -7732,29 +7749,29 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha224_test(void)
|
||||
#endif
|
||||
|
||||
if ((ret = wc_HmacInit(&hmac, HEAP_HINT, devId)) != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
|
||||
ret = wc_HmacSetKey(&hmac, WC_SHA224, (byte*)keys[i],
|
||||
(word32)XSTRLEN(keys[i]));
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
|
||||
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || FIPS_VERSION3_GT(7,0,0))
|
||||
ret = wc_HmacCopy(&hmac, hmac_copy);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
#endif
|
||||
|
||||
ret = wc_HmacUpdate(&hmac, (byte*)test_hmac[i].input,
|
||||
(word32)test_hmac[i].inLen);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
ret = wc_HmacFinal(&hmac, hash);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
|
||||
if (XMEMCMP(hash, test_hmac[i].output, WC_SHA224_DIGEST_SIZE) != 0)
|
||||
return WC_TEST_RET_ENC_I(i);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
|
||||
|
||||
wc_HmacFree(&hmac);
|
||||
|
||||
@@ -7762,28 +7779,35 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha224_test(void)
|
||||
ret = wc_HmacUpdate(hmac_copy, (byte*)test_hmac[i].input,
|
||||
(word32)test_hmac[i].inLen);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
ret = wc_HmacFinal(hmac_copy, hash);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
|
||||
if (XMEMCMP(hash, test_hmac[i].output, WC_SHA224_DIGEST_SIZE) != 0)
|
||||
return WC_TEST_RET_ENC_I(i);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
|
||||
|
||||
wc_HmacFree(hmac_copy);
|
||||
#endif
|
||||
}
|
||||
|
||||
out:
|
||||
|
||||
wc_HmacFree(&hmac);
|
||||
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || FIPS_VERSION3_GT(7,0,0))
|
||||
wc_HmacFree(hmac_copy);
|
||||
WC_FREE_VAR_EX(hmac_copy, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#endif
|
||||
|
||||
#if !defined(HAVE_FIPS) || FIPS_VERSION3_GE(6,0,0)
|
||||
if ((ret = wc_HmacSizeByType(WC_SHA224)) != WC_SHA224_DIGEST_SIZE)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
if (ret == 0) {
|
||||
if ((ret = wc_HmacSizeByType(WC_SHA224)) != WC_SHA224_DIGEST_SIZE)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ret = 0;
|
||||
}
|
||||
#endif
|
||||
|
||||
return 0;
|
||||
return ret;
|
||||
}
|
||||
#endif
|
||||
|
||||
@@ -7820,7 +7844,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha256_test(void)
|
||||
testVector a, b, c, d, e;
|
||||
testVector test_hmac[5];
|
||||
|
||||
wc_test_ret_t ret;
|
||||
wc_test_ret_t ret = WC_TEST_RET_ENC_NC;
|
||||
int times = sizeof(test_hmac) / sizeof(testVector), i;
|
||||
WOLFSSL_ENTER("hmac_sha256_test");
|
||||
|
||||
@@ -7869,6 +7893,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha256_test(void)
|
||||
test_hmac[3] = d;
|
||||
test_hmac[4] = e;
|
||||
|
||||
XMEMSET(&hmac, 0, sizeof(hmac));
|
||||
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || FIPS_VERSION3_GT(7,0,0))
|
||||
WC_ALLOC_VAR_EX(hmac_copy, Hmac, 1, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER,
|
||||
return WC_TEST_RET_ENC_EC(MEMORY_E));
|
||||
@@ -7885,31 +7910,31 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha256_test(void)
|
||||
#endif
|
||||
|
||||
if (wc_HmacInit(&hmac, HEAP_HINT, devId) != 0)
|
||||
return WC_TEST_RET_ENC_I(i);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
|
||||
|
||||
ret = wc_HmacSetKey(&hmac, WC_SHA256, (byte*)keys[i],
|
||||
(word32)XSTRLEN(keys[i]));
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_I(i);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
|
||||
|
||||
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || FIPS_VERSION3_GT(7,0,0))
|
||||
ret = wc_HmacCopy(&hmac, hmac_copy);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
#endif
|
||||
|
||||
if (test_hmac[i].input != NULL) {
|
||||
ret = wc_HmacUpdate(&hmac, (byte*)test_hmac[i].input,
|
||||
(word32)test_hmac[i].inLen);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_I(i);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
|
||||
}
|
||||
ret = wc_HmacFinal(&hmac, hash);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_I(i);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
|
||||
|
||||
if (XMEMCMP(hash, test_hmac[i].output, WC_SHA256_DIGEST_SIZE) != 0)
|
||||
return WC_TEST_RET_ENC_I(i);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
|
||||
|
||||
wc_HmacFree(&hmac);
|
||||
|
||||
@@ -7918,20 +7943,24 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha256_test(void)
|
||||
ret = wc_HmacUpdate(hmac_copy, (byte*)test_hmac[i].input,
|
||||
(word32)test_hmac[i].inLen);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_I(i);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
|
||||
}
|
||||
ret = wc_HmacFinal(hmac_copy, hash);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_I(i);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
|
||||
|
||||
if (XMEMCMP(hash, test_hmac[i].output, WC_SHA256_DIGEST_SIZE) != 0)
|
||||
return WC_TEST_RET_ENC_I(i);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
|
||||
|
||||
wc_HmacFree(hmac_copy);
|
||||
#endif
|
||||
}
|
||||
|
||||
out:
|
||||
|
||||
wc_HmacFree(&hmac);
|
||||
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || FIPS_VERSION3_GT(7,0,0))
|
||||
wc_HmacFree(hmac_copy);
|
||||
WC_FREE_VAR_EX(hmac_copy, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#endif
|
||||
|
||||
@@ -7985,7 +8014,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha384_test(void)
|
||||
testVector a, b, c, d;
|
||||
testVector test_hmac[4];
|
||||
|
||||
wc_test_ret_t ret;
|
||||
wc_test_ret_t ret = WC_TEST_RET_ENC_NC;
|
||||
int times = sizeof(test_hmac) / sizeof(testVector), i;
|
||||
WOLFSSL_ENTER("hmac_sha384_test");
|
||||
|
||||
@@ -8030,6 +8059,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha384_test(void)
|
||||
test_hmac[2] = c;
|
||||
test_hmac[3] = d;
|
||||
|
||||
XMEMSET(&hmac, 0, sizeof(hmac));
|
||||
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || FIPS_VERSION3_GT(7,0,0))
|
||||
WC_ALLOC_VAR_EX(hmac_copy, Hmac, 1, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER,
|
||||
return WC_TEST_RET_ENC_EC(MEMORY_E));
|
||||
@@ -8042,29 +8072,29 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha384_test(void)
|
||||
#endif
|
||||
|
||||
if ((ret = wc_HmacInit(&hmac, HEAP_HINT, devId)) != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
|
||||
ret = wc_HmacSetKey(&hmac, WC_SHA384, (byte*)keys[i],
|
||||
(word32)XSTRLEN(keys[i]));
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
|
||||
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || FIPS_VERSION3_GT(7,0,0))
|
||||
ret = wc_HmacCopy(&hmac, hmac_copy);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
#endif
|
||||
|
||||
ret = wc_HmacUpdate(&hmac, (byte*)test_hmac[i].input,
|
||||
(word32)test_hmac[i].inLen);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
ret = wc_HmacFinal(&hmac, hash);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
|
||||
if (XMEMCMP(hash, test_hmac[i].output, WC_SHA384_DIGEST_SIZE) != 0)
|
||||
return WC_TEST_RET_ENC_I(i);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
|
||||
|
||||
wc_HmacFree(&hmac);
|
||||
|
||||
@@ -8072,28 +8102,35 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha384_test(void)
|
||||
ret = wc_HmacUpdate(hmac_copy, (byte*)test_hmac[i].input,
|
||||
(word32)test_hmac[i].inLen);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
ret = wc_HmacFinal(hmac_copy, hash);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
|
||||
if (XMEMCMP(hash, test_hmac[i].output, WC_SHA384_DIGEST_SIZE) != 0)
|
||||
return WC_TEST_RET_ENC_I(i);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
|
||||
|
||||
wc_HmacFree(hmac_copy);
|
||||
#endif
|
||||
}
|
||||
|
||||
out:
|
||||
|
||||
wc_HmacFree(&hmac);
|
||||
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || FIPS_VERSION3_GT(7,0,0))
|
||||
wc_HmacFree(hmac_copy);
|
||||
WC_FREE_VAR_EX(hmac_copy, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#endif
|
||||
|
||||
#if !defined(HAVE_FIPS) || FIPS_VERSION3_GE(6,0,0)
|
||||
if ((ret = wc_HmacSizeByType(WC_SHA384)) != WC_SHA384_DIGEST_SIZE)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
if (ret == 0) {
|
||||
if ((ret = wc_HmacSizeByType(WC_SHA384)) != WC_SHA384_DIGEST_SIZE)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ret = 0;
|
||||
}
|
||||
#endif
|
||||
|
||||
return 0;
|
||||
return ret;
|
||||
}
|
||||
#endif
|
||||
|
||||
@@ -8128,7 +8165,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha512_test(void)
|
||||
testVector a, b, c, d;
|
||||
testVector test_hmac[4];
|
||||
|
||||
wc_test_ret_t ret;
|
||||
wc_test_ret_t ret = WC_TEST_RET_ENC_NC;
|
||||
int times = sizeof(test_hmac) / sizeof(testVector), i;
|
||||
WOLFSSL_ENTER("hmac_sha512_test");
|
||||
|
||||
@@ -8177,6 +8214,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha512_test(void)
|
||||
test_hmac[2] = c;
|
||||
test_hmac[3] = d;
|
||||
|
||||
XMEMSET(&hmac, 0, sizeof(hmac));
|
||||
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || FIPS_VERSION3_GT(7,0,0))
|
||||
WC_ALLOC_VAR_EX(hmac_copy, Hmac, 1, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER,
|
||||
return WC_TEST_RET_ENC_EC(MEMORY_E));
|
||||
@@ -8189,29 +8227,29 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha512_test(void)
|
||||
#endif
|
||||
|
||||
if ((ret = wc_HmacInit(&hmac, HEAP_HINT, devId)) != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
|
||||
ret = wc_HmacSetKey(&hmac, WC_SHA512, (byte*)keys[i],
|
||||
(word32)XSTRLEN(keys[i]));
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
|
||||
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || FIPS_VERSION3_GT(7,0,0))
|
||||
ret = wc_HmacCopy(&hmac, hmac_copy);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
#endif
|
||||
|
||||
ret = wc_HmacUpdate(&hmac, (byte*)test_hmac[i].input,
|
||||
(word32)test_hmac[i].inLen);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
ret = wc_HmacFinal(&hmac, hash);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
|
||||
if (XMEMCMP(hash, test_hmac[i].output, WC_SHA512_DIGEST_SIZE) != 0)
|
||||
return WC_TEST_RET_ENC_I(i);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
|
||||
|
||||
wc_HmacFree(&hmac);
|
||||
|
||||
@@ -8219,28 +8257,35 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha512_test(void)
|
||||
ret = wc_HmacUpdate(hmac_copy, (byte*)test_hmac[i].input,
|
||||
(word32)test_hmac[i].inLen);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
ret = wc_HmacFinal(hmac_copy, hash);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
|
||||
if (XMEMCMP(hash, test_hmac[i].output, WC_SHA512_DIGEST_SIZE) != 0)
|
||||
return WC_TEST_RET_ENC_I(i);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
|
||||
|
||||
wc_HmacFree(hmac_copy);
|
||||
#endif
|
||||
}
|
||||
|
||||
out:
|
||||
|
||||
wc_HmacFree(&hmac);
|
||||
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || FIPS_VERSION3_GT(7,0,0))
|
||||
wc_HmacFree(hmac_copy);
|
||||
WC_FREE_VAR_EX(hmac_copy, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#endif
|
||||
|
||||
#if !defined(HAVE_FIPS) || FIPS_VERSION3_GE(6,0,0)
|
||||
if ((ret = wc_HmacSizeByType(WC_SHA512)) != WC_SHA512_DIGEST_SIZE)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
if (ret == 0) {
|
||||
if ((ret = wc_HmacSizeByType(WC_SHA512)) != WC_SHA512_DIGEST_SIZE)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ret = 0;
|
||||
}
|
||||
#endif
|
||||
|
||||
return 0;
|
||||
return ret;
|
||||
}
|
||||
#endif
|
||||
|
||||
@@ -8378,9 +8423,10 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha3_test(void)
|
||||
|
||||
int i = 0, iMax = sizeof(input) / sizeof(input[0]),
|
||||
j, jMax = sizeof(hashType) / sizeof(hashType[0]);
|
||||
int ret;
|
||||
wc_test_ret_t ret = WC_TEST_RET_ENC_NC;
|
||||
WOLFSSL_ENTER("hmac_sha3_test");
|
||||
|
||||
XMEMSET(&hmac, 0, sizeof(hmac));
|
||||
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || FIPS_VERSION3_GT(7,0,0))
|
||||
WC_ALLOC_VAR_EX(hmac_copy, Hmac, 1, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER,
|
||||
return WC_TEST_RET_ENC_EC(MEMORY_E));
|
||||
@@ -8394,28 +8440,28 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha3_test(void)
|
||||
for (; i < iMax; i++) {
|
||||
for (j = 0; j < jMax; j++) {
|
||||
if ((ret = wc_HmacInit(&hmac, HEAP_HINT, devId)) != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
|
||||
ret = wc_HmacSetKey(&hmac, hashType[j], (byte*)key[i],
|
||||
(word32)XSTRLEN(key[i]));
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
|
||||
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || FIPS_VERSION3_GT(7,0,0))
|
||||
ret = wc_HmacCopy(&hmac, hmac_copy);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
#endif
|
||||
|
||||
ret = wc_HmacUpdate(&hmac, (byte*)input[i],
|
||||
(word32)XSTRLEN(input[i]));
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
ret = wc_HmacFinal(&hmac, hash);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
if (XMEMCMP(hash, output[(i*jMax) + j], (size_t)hashSz[j]) != 0)
|
||||
return WC_TEST_RET_ENC_NC;
|
||||
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
|
||||
|
||||
wc_HmacFree(&hmac);
|
||||
|
||||
@@ -8423,12 +8469,12 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha3_test(void)
|
||||
ret = wc_HmacUpdate(hmac_copy, (byte*)input[i],
|
||||
(word32)XSTRLEN(input[i]));
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
ret = wc_HmacFinal(hmac_copy, hash);
|
||||
if (ret != 0)
|
||||
return WC_TEST_RET_ENC_EC(ret);
|
||||
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
|
||||
if (XMEMCMP(hash, output[(i*jMax) + j], (size_t)hashSz[j]) != 0)
|
||||
return WC_TEST_RET_ENC_NC;
|
||||
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
|
||||
|
||||
wc_HmacFree(hmac_copy);
|
||||
#endif
@@ -8439,16 +8485,20 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha3_test(void)
#if !defined(HAVE_FIPS) || FIPS_VERSION3_GE(6,0,0)
ret = wc_HmacSizeByType(hashType[j]);
if (ret != hashSz[j])
return WC_TEST_RET_ENC_EC(ret);
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
#endif
}
}
out:
wc_HmacFree(&hmac);
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || FIPS_VERSION3_GT(7,0,0))
wc_HmacFree(hmac_copy);
WC_FREE_VAR_EX(hmac_copy, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return 0;
return ret;
}
#endif
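Review bot: The success path now returns a non-zero value: `return 0;` was replaced by `return ret;`, but the last assignment to ret inside the loop is `ret = wc_HmacSizeByType(hashType[j]);`, which on the passing path is equal to hashSz[j], a digest length, so in builds that compile that block the test fails after every vector matched. Add `ret = 0;` after the outer loop closes and before `out:`, so that only the ERROR_OUT() paths carry a non-zero code. This assumes hashSz[] holds the non-zero digest lengths, as its use as the XMEMCMP length in the earlier hunks suggests. The loop bodies this reaches start in the two preceding hunks.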
@@ -19698,14 +19748,23 @@ static wc_test_ret_t _rng_test(WC_RNG* rng)
!defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || FIPS_VERSION3_GE(5,0,0))
/* Test periodic reseed dynamics. */
((struct DRBG_internal *)rng->drbg)->reseedCtr = WC_RESEED_INTERVAL;
#ifdef WOLF_CRYPTO_CB
if (wc_CryptoCb_RandomBlock(rng, block, sizeof(block)) ==
WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
{
#endif
((struct DRBG_internal *)rng->drbg)->reseedCtr = WC_RESEED_INTERVAL;
ret = wc_RNG_GenerateBlock(rng, block, sizeof(block));
if (ret != 0)
return WC_TEST_RET_ENC_EC(ret);
ret = wc_RNG_GenerateBlock(rng, block, sizeof(block));
if (ret != 0)
return WC_TEST_RET_ENC_EC(ret);
if (((struct DRBG_internal *)rng->drbg)->reseedCtr == WC_RESEED_INTERVAL)
return WC_TEST_RET_ENC_NC;
#ifdef WOLF_CRYPTO_CB
}
#endif
if (((struct DRBG_internal *)rng->drbg)->reseedCtr == WC_RESEED_INTERVAL)
return WC_TEST_RET_ENC_NC;
#endif /* HAVE_HASHDRBG && !CUSTOM_RAND_GENERATE_BLOCK && !HAVE_SELFTEST */
#if defined(WOLFSSL_TRACK_MEMORY) && defined(WOLFSSL_SMALL_STACK_CACHE)
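Review bot: The new gate discards the return value of `wc_CryptoCb_RandomBlock(rng, block, sizeof(block))`, so a registered callback that fails with any code other than CRYPTOCB_UNAVAILABLE makes the reseed check silently skip rather than fail the test, and the probe also pulls a full block through the callback as a side effect. Capture the code instead, `ret = wc_CryptoCb_RandomBlock(rng, block, sizeof(block));` followed by `if (ret == WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))`, and after the closing `}` add `else if (ret != 0) return WC_TEST_RET_ENC_EC(ret);`. A comment on the gate such as `/* reseedCtr belongs to the software DRBG; skip when a crypto callback serves random blocks */` would explain why the check became conditional. _rng_test() starts before this hunk and continues after it.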
@@ -19820,7 +19879,7 @@ static wc_test_ret_t rng_seed_test(void)
* SEED_BLOCK_SZ, which depend on which seed back end is configured.
*/
#if defined(HAVE_ENTROPY_MEMUSE) && defined(HAVE_AMD_RDSEED) && \
!(defined(HAVE_FIPS) && FIPS_VERSION_LT(6,0))
!(defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) && FIPS_VERSION3_NE(5,2,4))
#ifdef HAVE_FIPS
WOLFSSL_SMALL_STACK_STATIC const byte check[] =
{
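Review bot: The carve-out `FIPS_VERSION3_NE(5,2,4)` is added without a comment saying why 5.2.4 is grouped with 6.0.0 and later, and the same three-term condition is repeated in the three following hunks (in inverted form in the last one), so any later change to the exempted versions has to be made in five places. Define the predicate once ahead of the `#if` chain and use it in each branch, as below, with the reason for the 5.2.4 exception left as a placeholder for the author to fill in. rng_seed_test() starts before this hunk.
```c
/* Pre-6.0.0 FIPS builds use the older seed vectors, except 5.2.4
 * (TODO: state why 5.2.4 is treated like 6.0.0+). */
#if defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) && FIPS_VERSION3_NE(5,2,4)
    #define RNG_SEED_OLD_FIPS_VECTORS 1
#else
    #define RNG_SEED_OLD_FIPS_VECTORS 0
#endif
#if defined(HAVE_ENTROPY_MEMUSE) && defined(HAVE_AMD_RDSEED) && \
    !RNG_SEED_OLD_FIPS_VECTORS
/* … unchanged: the remaining #elif branches, each using
 * !RNG_SEED_OLD_FIPS_VECTORS (or RNG_SEED_OLD_FIPS_VECTORS for the
 * inverted branch) in place of the repeated condition … */
```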
@@ -19858,7 +19917,7 @@ static wc_test_ret_t rng_seed_test(void)
};
#endif
#elif defined(HAVE_AMD_RDSEED) && \
!(defined(HAVE_FIPS) && FIPS_VERSION_LT(6,0))
!(defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) && FIPS_VERSION3_NE(5,2,4))
WOLFSSL_SMALL_STACK_STATIC const byte check[] =
{
0x2c, 0xd4, 0x9b, 0x1e, 0x1e, 0xe7, 0xb0, 0xb0,
@@ -19867,7 +19926,7 @@ static wc_test_ret_t rng_seed_test(void)
0xa2, 0xe7, 0xe5, 0x90, 0x6d, 0x1f, 0x88, 0x98
};
#elif (defined(HAVE_INTEL_RDSEED) || defined(HAVE_INTEL_RDRAND)) && \
!(defined(HAVE_FIPS) && FIPS_VERSION_LT(6,0))
!(defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) && FIPS_VERSION3_NE(5,2,4))
#ifdef HAVE_FIPS
WOLFSSL_SMALL_STACK_STATIC const byte check[] =
{
@@ -19886,7 +19945,7 @@ static wc_test_ret_t rng_seed_test(void)
};
#endif
#elif defined(HAVE_INTEL_RDSEED) && \
defined(HAVE_FIPS) && FIPS_VERSION_LT(6,0)
defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) && FIPS_VERSION3_NE(5,2,4)
WOLFSSL_SMALL_STACK_STATIC const byte check[] =
{
0x27, 0xdd, 0xff, 0x5b, 0x21, 0x26, 0x0a, 0x48,
@@ -62463,6 +62522,23 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
ret = 0;
break;
}
#endif
default:
ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN);
break;
}
}
else if (info->free.algo == WC_ALGO_TYPE_CIPHER) {
switch (info->free.type) {
#ifndef NO_AES
case WC_CIPHER_AES:
{
Aes* aes = (Aes*)info->free.obj;
aes->devId = INVALID_DEVID;
wc_AesFree(aes);
ret = 0;
break;
}
#endif
default:
ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN);
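Review bot: `Aes* aes = (Aes*)info->free.obj;` is dereferenced at `aes->devId = INVALID_DEVID;` without a NULL check, so a free request carrying a NULL object crashes inside the callback instead of returning an error code. The reset of devId before wc_AesFree() is also uncommented; presumably it stops wc_AesFree() from dispatching back into this callback, and a comment should say so, with the assumption marked for confirmation. Proposed change below; myCryptoDevCb() starts before this hunk and continues after it.
```c
                case WC_CIPHER_AES:
                {
                    Aes* aes = (Aes*)info->free.obj;
                    if (aes == NULL) {
                        ret = WC_NO_ERR_TRACE(BAD_FUNC_ARG);
                        break;
                    }
                    /* detach from this device before freeing (presumably so
                     * wc_AesFree() does not re-enter this callback -- confirm) */
                    aes->devId = INVALID_DEVID;
                    wc_AesFree(aes);
                    ret = 0;
                    break;
                }
```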
@@ -6150,6 +6150,7 @@ struct WOLFSSL {
void* session_ticket_ctx;
byte expect_session_ticket;
#endif
word16 hrr_keyshare_group;
#endif /* HAVE_TLS_EXTENSIONS */
#ifdef HAVE_OCSP
void* ocspIOCtx;
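Review bot: `word16 hrr_keyshare_group;` is added to struct WOLFSSL without a comment, and nothing in this hunk shows where it is set or read. A one-line comment naming its role is needed, for example `word16 hrr_keyshare_group; /* key_share group named in the HelloRetryRequest; 0 = no HRR */`, making explicit which value means "no HRR" since the field has no other spare value. If the field exists to enforce that the second ClientHello's key_share carries the group selected by the HRR (RFC 8446 section 4.2.8), the comment should say so, as that is the check a reader will look for. struct WOLFSSL starts before this hunk and continues after it.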
+16
-16
@@ -1952,24 +1952,24 @@ struct Signer {
int nameLen;
char* name; /* common name */
#ifndef IGNORE_NAME_CONSTRAINTS
Base_entry* permittedNames;
Base_entry* excludedNames;
#endif /* !IGNORE_NAME_CONSTRAINTS */
Base_entry* permittedNames;
Base_entry* excludedNames;
#endif
byte subjectNameHash[SIGNER_DIGEST_SIZE];
/* sha hash of names in certificate */
#if defined(HAVE_OCSP) || defined(HAVE_CRL) || defined(WOLFSSL_AKID_NAME)
byte issuerNameHash[SIGNER_DIGEST_SIZE];
/* sha hash of issuer names in certificate.
* Used in OCSP to check for authorized
* responders. */
#endif
#ifndef NO_SKID
byte subjectKeyIdHash[SIGNER_DIGEST_SIZE];
/* sha hash of key in certificate */
#endif
#ifdef HAVE_OCSP
byte subjectKeyHash[KEYID_SIZE];
#endif
#if defined(HAVE_OCSP) || defined(HAVE_CRL) || defined(WOLFSSL_AKID_NAME)
byte issuerNameHash[SIGNER_DIGEST_SIZE];
/* sha hash of issuer names in certificate.
* Used in OCSP to check for authorized
* responders. */
#endif
#ifndef NO_SKID
byte subjectKeyIdHash[SIGNER_DIGEST_SIZE];
/* sha hash of key in certificate */
#endif
#ifdef HAVE_OCSP
byte subjectKeyHash[KEYID_SIZE];
#endif
#if defined(WOLFSSL_AKID_NAME) || defined(HAVE_CRL)
byte serialHash[SIGNER_DIGEST_SIZE]; /* serial number hash */
#endif
@@ -737,7 +737,7 @@ WOLFSSL_LOCAL int wc_CryptoCb_Kdf_TwostepCmac(const byte * salt, word32 saltSz,
#endif /* HAVE_CMAC_KDF */
#ifndef WC_NO_RNG
WOLFSSL_LOCAL int wc_CryptoCb_RandomBlock(WC_RNG* rng, byte* out, word32 sz);
WOLFSSL_TEST_VIS int wc_CryptoCb_RandomBlock(WC_RNG* rng, byte* out, word32 sz);
WOLFSSL_LOCAL int wc_CryptoCb_RandomSeed(OS_Seed* os, byte* seed, word32 sz);
#endif
@@ -1233,7 +1233,7 @@ binding for XSNPRINTF
#ifndef WC_OFFSETOF
#if defined(__clang__) || (defined(__GNUC__) && (__GNUC__ >= 4))
#define WC_OFFSETOF(type, field) __builtin_offsetof(type, field)
#elif defined(__WATCOMC__)
#elif defined(__WATCOMC__) || defined(__IAR_SYSTEMS_ICC__)
#include <stddef.h>
#define WC_OFFSETOF offsetof
#else