diff --git a/IDE/Espressif/ESP-IDF/test/test_wolfssl.c b/IDE/Espressif/ESP-IDF/test/test_wolfssl.c index cdf377de9c..a4f4c80f21 100644 --- a/IDE/Espressif/ESP-IDF/test/test_wolfssl.c +++ b/IDE/Espressif/ESP-IDF/test/test_wolfssl.c @@ -171,7 +171,7 @@ static void tskAes256_Test(void *pvParam) } #endif -#if !defined(NO_RSA) || defined(HAVE_ECC) +#if (!defined(NO_RSA) || defined(HAVE_ECC)) && !defined(WC_NO_RNG) int mp_performance_check(int mul, int mulmod, int exptmod) { @@ -636,7 +636,7 @@ TEST_CASE("wolfssl mp mul performance test" , "[wolfssl]") TEST_ASSERT_EQUAL(0, mp_performance_check(mul, mulmod, exptmod)); } -#endif/* !NO_RSA || HAVE_ECC */ +#endif/* (!NO_RSA || HAVE_ECC) && !WC_NO_RNG */ TEST_CASE("wolfssl aes test" , "[wolfssl]") { diff --git a/IDE/MDK5-ARM/Projects/wolfSSL-Full/shell.c b/IDE/MDK5-ARM/Projects/wolfSSL-Full/shell.c index a40cc2de5e..37a8e52e4e 100644 --- a/IDE/MDK5-ARM/Projects/wolfSSL-Full/shell.c +++ b/IDE/MDK5-ARM/Projects/wolfSSL-Full/shell.c @@ -630,7 +630,9 @@ void shell_main(void *arg) { int i ; func_args args ; int bf_flg ; +#if defined(WOLFSSL_CMSIS_RTOS) osThreadId cmd ; +#endif i = BackGround ; /* Dummy for avoiding warning: BackGround is defined but not used. */ diff --git a/IDE/Renesas/e2studio/DK-S7G2/benchmark-template/src/app_entry.c b/IDE/Renesas/e2studio/DK-S7G2/benchmark-template/src/app_entry.c index 23389a3963..be610ccdbc 100644 --- a/IDE/Renesas/e2studio/DK-S7G2/benchmark-template/src/app_entry.c +++ b/IDE/Renesas/e2studio/DK-S7G2/benchmark-template/src/app_entry.c @@ -58,7 +58,9 @@ static void benchmark_TLS(int version, char* suites, int group) int i; NX_TCP_SOCKET sockfd; int ret; +#ifdef WOLFSSL_TLS13 int groups[1]; +#endif double start; WOLFSSL_METHOD* method = NULL; diff --git a/IDE/zephyr/wolfssl_tls_sock/src/tls_sock.c b/IDE/zephyr/wolfssl_tls_sock/src/tls_sock.c index 48c00a7875..f644c70da7 100644 --- a/IDE/zephyr/wolfssl_tls_sock/src/tls_sock.c +++ b/IDE/zephyr/wolfssl_tls_sock/src/tls_sock.c 
@@ -100,9 +100,7 @@ static int wolfssl_client_new(WOLFSSL_CTX** ctx, WOLFSSL** ssl) if (ret == 0) { /* make wolfSSL object nonblocking */ wolfSSL_set_using_nonblock(client_ssl, 1); - } - if (ret == 0) { /* Return newly created wolfSSL context and object */ *ctx = client_ctx; *ssl = client_ssl; @@ -178,9 +176,7 @@ static int wolfssl_server_new(WOLFSSL_CTX** ctx, WOLFSSL** ssl) if (ret == 0) { /* make wolfSSL object nonblocking */ wolfSSL_set_using_nonblock(server_ssl, 1); - } - if (ret == 0) { /* Return newly created wolfSSL context and object */ *ctx = server_ctx; *ssl = server_ssl; @@ -355,9 +351,9 @@ void server_thread(void* arg1, void* arg2, void* arg3) printf("unable to load static memory"); ret = -1; } -#endif if (ret == 0) +#endif ret = wolfssl_server_new(&server_ctx, &server_ssl); if (ret == 0) @@ -415,8 +411,7 @@ int wolfssl_client_connect_tcp(WOLFSSL* ssl, SOCKET_T* fd) if (ret == 0) { *fd = sockfd; tcp_set_nonblocking(&sockfd); - } - if (ret == 0) { + printf("Client Connect\n"); if (connect(sockfd, res->ai_addr, res->ai_addrlen) != 0) ret = -1; @@ -446,11 +441,13 @@ void client_thread() printf("unable to load static memory"); ret = -1; } -#endif - /* Client connection */ if (ret == 0) +#endif + { + /* Client connection */ ret = wolfssl_client_new(&client_ctx, &client_ssl); + } if (ret == 0) ret = wolfssl_client_connect_tcp(client_ssl, &sockfd); @@ -462,12 +459,12 @@ void client_thread() break; } - if (ret == 0) + if (ret == 0) { printf("Handshake complete\n"); - /* Send HTTP request */ - if (ret == 0) + /* Send HTTP request */ ret = wolfssl_send(client_ssl, msgHTTPGet); + } /* Receive HTTP response */ while (ret == 0) { k_sleep(10); diff --git a/IDE/zephyr/wolfssl_tls_thread/src/tls_threaded.c b/IDE/zephyr/wolfssl_tls_thread/src/tls_threaded.c index b1b7aa80e5..c57d8df6a5 100644 --- a/IDE/zephyr/wolfssl_tls_thread/src/tls_threaded.c +++ b/IDE/zephyr/wolfssl_tls_thread/src/tls_threaded.c 
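Review bot: In `server_thread` of tls_sock.c the moved `#endif` now sits between `if (ret == 0)` and the `ret = wolfssl_server_new(&server_ctx, &server_ssl);` statement it guards, with no braces, so whether the call is conditional depends on a preprocessor line splitting an `if` from its body. `client_thread` in this same patch puts the call in a block after the `#endif`; the same form here, `{ ret = wolfssl_server_new(&server_ctx, &server_ssl); }`, keeps both branches well formed if a statement is added later. The `server_thread` hunk in tls_threaded.c has the same shape. The macro that opens the `#if` is above the hunk.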
@@ -181,9 +181,7 @@ static int wolfssl_client_new(WOLFSSL_CTX** ctx, WOLFSSL** ssl) /* Register callbacks */ wolfSSL_SetIORecv(client_ctx, recv_client); wolfSSL_SetIOSend(client_ctx, send_client); - } - if (ret == 0) { /* Create a WOLFSSL object */ if ((client_ssl = wolfSSL_new(client_ctx)) == NULL) { printf("ERROR: failed to create WOLFSSL object\n"); @@ -194,9 +192,7 @@ static int wolfssl_client_new(WOLFSSL_CTX** ctx, WOLFSSL** ssl) if (ret == 0) { /* make wolfSSL object nonblocking */ wolfSSL_set_using_nonblock(client_ssl, 1); - } - if (ret == 0) { /* Return newly created wolfSSL context and object */ *ctx = client_ctx; *ssl = client_ssl; @@ -264,9 +260,7 @@ static int wolfssl_server_new(WOLFSSL_CTX** ctx, WOLFSSL** ssl) /* Register callbacks */ wolfSSL_SetIORecv(server_ctx, recv_server); wolfSSL_SetIOSend(server_ctx, send_server); - } - if (ret == 0) { /* Create a WOLFSSL object */ if ((server_ssl = wolfSSL_new(server_ctx)) == NULL) { printf("ERROR: failed to create WOLFSSL object\n"); @@ -277,9 +271,7 @@ static int wolfssl_server_new(WOLFSSL_CTX** ctx, WOLFSSL** ssl) if (ret == 0) { /* make wolfSSL object nonblocking */ wolfSSL_set_using_nonblock(server_ssl, 1); - } - if (ret == 0) { /* Return newly created wolfSSL context and object */ *ctx = server_ctx; *ssl = server_ssl; @@ -406,9 +398,9 @@ void server_thread(void* arg1, void* arg2, void* arg3) printf("unable to load static memory"); ret = -1; } -#endif if (ret == 0) +#endif ret = wolfssl_server_new(&server_ctx, &server_ssl); while (ret == 0) { @@ -458,11 +450,13 @@ int main() printf("unable to load static memory"); ret = -1; } -#endif - /* Client connection */ if (ret == 0) +#endif + { + /* Client connection */ ret = wolfssl_client_new(&client_ctx, &client_ssl); + } while (ret == 0) { ret = wolfssl_client_connect(client_ssl); 
@@ -471,12 +465,12 @@ int main() k_sleep(10); } - if (ret == 0) + if (ret == 0) { printf("Handshake complete\n"); - /* Send HTTP request */ - if (ret == 0) + /* Send HTTP request */ ret = wolfssl_send(client_ssl, msgHTTPGet); + } /* Receive HTTP response */ while (ret == 0) { k_sleep(10); diff --git a/examples/benchmark/tls_bench.c b/examples/benchmark/tls_bench.c index 43c272a97e..e22ea9c434 100644 --- a/examples/benchmark/tls_bench.c +++ b/examples/benchmark/tls_bench.c @@ -211,7 +211,7 @@ static const char* kTestStr = #if !defined(NO_WOLFSSL_SERVER) /* dh2048 p */ -static const unsigned char p[] = +static const unsigned char dhp[] = { 0xb0, 0xa1, 0x08, 0x06, 0x9c, 0x08, 0x13, 0xba, 0x59, 0x06, 0x3c, 0xbc, 0x30, 0xd5, 0xf5, 0x00, 0xc1, 0x4f, 0x44, 0xa7, 0xd6, 0xef, 0x4a, 0xc6, 0x25, 0x27, @@ -236,7 +236,7 @@ static const unsigned char p[] = }; /* dh2048 g */ -static const unsigned char g[] = +static const unsigned char dhg[] = { 0x02, }; @@ -575,12 +575,11 @@ static int ReceiveFrom(WOLFSSL *ssl, int sd, char *buf, int sz) } static int SendTo(int sd, char *buf, int sz, const struct sockaddr *peer, - socklen_t peerSz) + socklen_t peerSz) { int sent; - int len = sz; - sent = (int)sendto(sd, &buf[sz - len], len, 0, peer, peerSz); + sent = (int)sendto(sd, buf, sz, 0, peer, peerSz); if (sent < 0) { if (errno == SOCKET_EWOULDBLOCK || errno == SOCKET_EAGAIN) { @@ -1312,7 +1311,7 @@ static int bench_tls_server(info_t* info) wolfSSL_SetIOReadCtx(srv_ssl, info); wolfSSL_SetIOWriteCtx(srv_ssl, info); #ifndef NO_DH - wolfSSL_SetTmpDH(srv_ssl, p, sizeof(p), g, sizeof(g)); + wolfSSL_SetTmpDH(srv_ssl, dhp, sizeof(dhp), dhg, sizeof(dhg)); #endif /* accept TLS connection */ diff --git a/examples/client/client.c b/examples/client/client.c index f0e8393173..6c8cf50135 100644 --- a/examples/client/client.c +++ b/examples/client/client.c 
@@ -72,7 +72,7 @@ static int lng_index = 0; #ifdef WOLFSSL_CALLBACKS - WOLFSSL_TIMEVAL timeout; + WOLFSSL_TIMEVAL timeoutConnect; static int handShakeCB(HandShakeInfo* info) { (void)info; @@ -111,7 +111,7 @@ static int NonBlockingSSL_Connect(WOLFSSL* ssl) #ifndef WOLFSSL_CALLBACKS ret = wolfSSL_connect(ssl); #else - ret = wolfSSL_connect_ex(ssl, handShakeCB, timeoutCB, timeout); + ret = wolfSSL_connect_ex(ssl, handShakeCB, timeoutCB, timeoutConnect); #endif error = wolfSSL_get_error(ssl, 0); sockfd = (SOCKET_T)wolfSSL_get_fd(ssl); @@ -157,7 +157,8 @@ static int NonBlockingSSL_Connect(WOLFSSL* ssl) #ifndef WOLFSSL_CALLBACKS ret = wolfSSL_connect(ssl); #else - ret = wolfSSL_connect_ex(ssl, handShakeCB, timeoutCB, timeout); + ret = wolfSSL_connect_ex(ssl, handShakeCB, timeoutCB, + timeoutConnect); #endif error = wolfSSL_get_error(ssl, 0); elapsedSec = 0; /* reset elapsed */ @@ -660,7 +661,11 @@ static int ClientBenchmarkThroughput(WOLFSSL_CTX* ctx, char* host, word16 port, "\tConnect %8.3f ms\n" "\tTX %8.3f ms (%8.3f MBps)\n" "\tRX %8.3f ms (%8.3f MBps)\n", +#if !defined(__MINGW32__) throughput, +#else + (int)throughput, +#endif conn_time * 1000, tx_time * 1000, throughput / tx_time / 1024 / 1024, rx_time * 1000, throughput / rx_time / 1024 / 1024 @@ -1390,7 +1395,9 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) because can't tell if we're really going there to detect old chacha-poly */ +#ifndef WOLFSSL_VXWORKS int ch; +#endif int version = CLIENT_INVALID_VERSION; int usePsk = 0; int useAnon = 0; @@ -2677,6 +2684,8 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) #ifdef WOLFSSL_TLS13 if (!helloRetry) { + #if defined(WOLFSSL_TLS13) && (!defined(NO_DH) || defined(HAVE_ECC) || \ + defined(HAVE_CURVE25519) || defined(HAVE_CURVE448)) if (onlyKeyShare == 0 || onlyKeyShare == 2) { #ifdef HAVE_CURVE25519 if (useX25519) { @@ -2711,6 +2720,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) } #endif } + #endif } else { wolfSSL_NoKeyShares(ssl); 
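Review bot: Under `__MINGW32__` the byte count in `ClientBenchmarkThroughput` is passed as `(int)throughput`, which truncates any value above INT_MAX, and the conversion specifier it has to match is above the hunk, so the pairing cannot be confirmed from here. A short comment at the `#else` would record the limit, for example `/* printed as int on MinGW; sizes above INT_MAX are truncated */`. The same construct is added to `ServerEchoData` in examples/server/server.c.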
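Review bot: The guard added in `client_test` repeats `defined(WOLFSSL_TLS13)` although the line two above it is already `#ifdef WOLFSSL_TLS13`, and its closing `#endif` (added in the following hunk) carries no comment. Dropping the redundant term and labelling the close, `#endif /* !NO_DH || HAVE_ECC || HAVE_CURVE25519 || HAVE_CURVE448 */`, would make the nesting readable in a function this long. Whether `onlyKeyShare` is still referenced when the block is compiled out is not visible in the hunk.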
@@ -2907,8 +2917,8 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) } while (err == WC_PENDING_E); } #else - timeout.tv_sec = DEFAULT_TIMEOUT_SEC; - timeout.tv_usec = 0; + timeoutConnect.tv_sec = DEFAULT_TIMEOUT_SEC; + timeoutConnect.tv_usec = 0; ret = NonBlockingSSL_Connect(ssl); /* will keep retrying on timeout */ #endif if (ret != WOLFSSL_SUCCESS) { @@ -3222,7 +3232,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) if (nonBlocking) { #ifdef WOLFSSL_DTLS if (doDTLS) { - wolfSSL_dtls_set_using_nonblock(ssl, 1); + wolfSSL_dtls_set_using_nonblock(sslResume, 1); } #endif tcp_set_nonblocking(&sockfd); @@ -3255,8 +3265,8 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) } while (err == WC_PENDING_E); } #else - timeout.tv_sec = DEFAULT_TIMEOUT_SEC; - timeout.tv_usec = 0; + timeoutConnect.tv_sec = DEFAULT_TIMEOUT_SEC; + timeoutConnect.tv_usec = 0; ret = NonBlockingSSL_Connect(sslResume); /* will keep retrying on timeout */ #endif if (ret != WOLFSSL_SUCCESS) { diff --git a/examples/echoclient/echoclient.c b/examples/echoclient/echoclient.c index c447ad88b2..e27ecc2b5c 100644 --- a/examples/echoclient/echoclient.c +++ b/examples/echoclient/echoclient.c @@ -59,8 +59,10 @@ void echoclient_test(void* args) FILE* fin = stdin ; FILE* fout = stdout; +#ifndef WOLFSSL_MDK_SHELL int inCreated = 0; int outCreated = 0; +#endif char msg[1024]; char reply[1024+1]; @@ -106,11 +108,11 @@ void echoclient_test(void* args) #ifdef CYASSL_LEANPSK doPSK = 1; #endif - #if defined(NO_RSA) && !defined(HAVE_ECC) && !defined(HAVE_ED25519) && \ !defined(HAVE_ED448) doPSK = 1; #endif + (void)doPSK; #if defined(NO_MAIN_DRIVER) && !defined(USE_WINDOWS_API) && !defined(WOLFSSL_MDK_SHELL) port = ((func_args*)args)->signal->port; 
@@ -151,8 +153,8 @@ void echoclient_test(void* args) /* don't use EDH, can't sniff tmp keys */ SSL_CTX_set_cipher_list(ctx, "AES256-SHA"); #endif - if (doPSK) { #ifndef NO_PSK + if (doPSK) { const char *defaultCipherList; CyaSSL_CTX_set_psk_client_callback(ctx, my_psk_client_cb); @@ -165,8 +167,8 @@ void echoclient_test(void* args) #endif if (CyaSSL_CTX_set_cipher_list(ctx,defaultCipherList) !=WOLFSSL_SUCCESS) err_sys("client can't set cipher list 2"); -#endif } +#endif #ifdef WOLFSSL_ENCRYPTED_KEYS SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack); @@ -318,8 +320,10 @@ void echoclient_test(void* args) #endif fflush(fout); +#ifndef WOLFSSL_MDK_SHELL if (inCreated) fclose(fin); if (outCreated) fclose(fout); +#endif CloseSocket(sockfd); ((func_args*)args)->return_code = 0; diff --git a/examples/server/server.c b/examples/server/server.c index c4fe52a5eb..192c03a72e 100644 --- a/examples/server/server.c +++ b/examples/server/server.c @@ -203,7 +203,6 @@ static int TestEmbedSendTo(WOLFSSL* ssl, char *buf, int sz, void *ctx) WOLFSSL_TEST_DTLS_CTX* dtlsCtx = (WOLFSSL_TEST_DTLS_CTX*)ctx; int sd = dtlsCtx->wfd; int sent; - int len = sz; int err; (void)ssl; @@ -220,9 +219,8 @@ static int TestEmbedSendTo(WOLFSSL* ssl, char *buf, int sz, void *ctx) } } - sent = (int)sendto(sd, &buf[sz - len], len, 0, - (const SOCKADDR*)&dtlsCtx->peer.sa, - dtlsCtx->peer.sz); + sent = (int)sendto(sd, buf, sz, 0, (const SOCKADDR*)&dtlsCtx->peer.sa, + dtlsCtx->peer.sz); sent = TranslateReturnCode(sent, sd); @@ -430,7 +428,11 @@ int ServerEchoData(SSL* ssl, int clientfd, int echoData, int block, #endif "\tRX %8.3f ms (%8.3f MBps)\n" "\tTX %8.3f ms (%8.3f MBps)\n", + #if !defined(__MINGW32__) throughput, + #else + (int)throughput, + #endif tx_time * 1000, throughput / tx_time / 1024 / 1024, rx_time * 1000, throughput / rx_time / 1024 / 1024 ); 
@@ -902,7 +904,9 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args) #endif int useWebServerMsg = 0; char input[80]; +#ifndef WOLFSSL_VXWORKS int ch; +#endif int version = SERVER_DEFAULT_VERSION; #ifndef WOLFSSL_NO_CLIENT_AUTH int doCliCertCheck = 1; @@ -2199,11 +2203,7 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args) } #endif tcp_set_nonblocking(&clientfd); - } -#endif -#ifndef WOLFSSL_CALLBACKS - if (nonBlocking) { ret = NonBlockingSSL_Accept(ssl); } else { diff --git a/src/internal.c b/src/internal.c index f099563fe3..f207d4d4f3 100644 --- a/src/internal.c +++ b/src/internal.c @@ -6298,27 +6298,29 @@ void SSL_ResourceFree(WOLFSSL* ssl) #endif #if defined(HAVE_ECC) || defined(HAVE_CURVE25519) ||defined(HAVE_CURVE448) { - int dtype; + int dtype = 0; #ifdef HAVE_ECC dtype = DYNAMIC_TYPE_ECC; #endif #ifdef HAVE_CURVE25519 + if (ssl->peerX25519KeyPresent #ifdef HAVE_ECC - if (ssl->peerX25519KeyPresent || - ssl->eccTempKeyPresent == DYNAMIC_TYPE_CURVE25519) + || ssl->eccTempKeyPresent == DYNAMIC_TYPE_CURVE25519 #endif /* HAVE_ECC */ - { + ) + { dtype = DYNAMIC_TYPE_CURVE25519; - } + } #endif /* HAVE_CURVE25519 */ #ifdef HAVE_CURVE448 + if (ssl->peerX448KeyPresent #ifdef HAVE_ECC - if (ssl->peerX448KeyPresent || - ssl->eccTempKeyPresent == DYNAMIC_TYPE_CURVE448) + || ssl->eccTempKeyPresent == DYNAMIC_TYPE_CURVE448 #endif /* HAVE_ECC */ - { + ) + { dtype = DYNAMIC_TYPE_CURVE448; - } + } #endif /* HAVE_CURVE448 */ FreeKey(ssl, dtype, (void**)&ssl->eccTempKey); ssl->eccTempKeyPresent = 0; @@ -11227,7 +11229,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx, } if (keyRet != 0 || wc_RsaPublicKeyDecode( - args->dCert->publicKey, &keyIdx, ssl->peerRsaKey, + args->dCert->publicKey, &keyIdx, ssl->peerRsaKey, args->dCert->pubKeySize) != 0) { ret = PEER_KEY_ERROR; } 
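Review bot: In `SSL_ResourceFree`, a build with HAVE_CURVE25519 or HAVE_CURVE448 but without HAVE_ECC now picks the key type from `peerX25519KeyPresent` / `peerX448KeyPresent` alone, so when neither flag is set `FreeKey` is called on `ssl->eccTempKey` with `dtype` still 0. Before this change the non-ECC build assigned the curve type unconditionally. If a temporary key can exist before the peer's key has arrived, its type-specific cleanup may be skipped; how `FreeKey` treats type 0 is not visible here. Testing `ssl->eccTempKeyPresent` in every build, by removing the inner `#ifdef HAVE_ECC` around `|| ssl->eccTempKeyPresent == DYNAMIC_TYPE_CURVE25519` and its CURVE448 twin, would avoid depending on the peer flags, provided that field records the key type in non-ECC builds.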
@@ -11240,10 +11242,10 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx, ssl->peerTsipEncRsaKeyIndex = (byte*)XMALLOC( TSIP_TLS_ENCPUBKEY_SZ_BY_CERTVRFY, ssl->heap, DYNAMIC_TYPE_RSA); - } - if (!ssl->peerTsipEncRsaKeyIndex) { - args->lastErr = MEMORY_E; - goto exit_ppc; + if (!ssl->peerTsipEncRsaKeyIndex) { + args->lastErr = MEMORY_E; + goto exit_ppc; + } } XMEMCPY(ssl->peerTsipEncRsaKeyIndex, @@ -19828,7 +19830,7 @@ exit_dpk: } #endif - if ((*inOutIdx - begin) + OPAQUE16_LEN + OPAQUE8_LEN > size) + if (OPAQUE16_LEN + OPAQUE8_LEN > size) return BUFFER_ERROR; XMEMCPY(&pv, input + *inOutIdx, OPAQUE16_LEN); @@ -20373,7 +20375,7 @@ exit_dpk: AddLateName("CertificateRequest", &ssl->timeoutInfo); #endif - if ((*inOutIdx - begin) + OPAQUE8_LEN > size) + if (OPAQUE8_LEN > size) return BUFFER_ERROR; len = input[(*inOutIdx)++]; @@ -24024,7 +24026,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, return SESSION_TICKET_EXPECT_E; } - if ((*inOutIdx - begin) + OPAQUE32_LEN > size) + if (OPAQUE32_LEN > size) return BUFFER_ERROR; ato32(input + *inOutIdx, &lifetime); @@ -26538,7 +26540,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, if (ssl->toInfoOn) AddLateName("ClientHello", &ssl->timeoutInfo); #endif /* protocol version, random and session id length check */ - if ((i - begin) + OPAQUE16_LEN + RAN_LEN + OPAQUE8_LEN > helloSz) + if (OPAQUE16_LEN + RAN_LEN + OPAQUE8_LEN > helloSz) return BUFFER_ERROR; /* protocol version */ @@ -29082,7 +29084,8 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, ret = args->lastErr; args->lastErr = 0; /* reset */ /* On error 'ret' will be negative - top bit set */ - mask = (ret >> ((sizeof(ret) * 8) - 1)) - 1; + mask = ((unsigned int)ret >> + ((sizeof(ret) * 8) - 1)) - 1; /* build PreMasterSecret */ ssl->arrays->preMasterSecret[0] = ssl->chVersion.major; diff --git a/src/keys.c b/src/keys.c index e7aa361733..55b2d9bed1 100644 
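Review bot: The check `if (OPAQUE16_LEN + OPAQUE8_LEN > size)` is correct only while `*inOutIdx` has not moved since the start of the message, and nothing at the check says so. The start of the function, where that would be established, is outside the hunk. A one-line comment such as `/* nothing consumed yet, so the fixed-size fields are checked against size directly */` would stop a later edit from adding a read above it without restoring the consumed-bytes term. The same applies to the `OPAQUE8_LEN > size`, `OPAQUE32_LEN > size` and `OPAQUE16_LEN + RAN_LEN + OPAQUE8_LEN > helloSz` checks changed in the next three hunks.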
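Review bot: The `(unsigned int)` cast is what makes this mask well defined, but the comment above it only says that an error has the top bit set. Right-shifting a negative `int` is implementation-defined, and where the shift is arithmetic the old expression yields -2 on error instead of 0. I would extend the comment, e.g. `/* cast before the shift: mask is 0 on error, all ones when ret is non-negative */`. The cast names `unsigned int` while the shift width comes from `sizeof(ret)`; the declaration of `ret` is outside the hunk, so the two are assumed to agree.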
--- a/src/keys.c +++ b/src/keys.c @@ -2227,14 +2227,16 @@ static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs, #ifdef BUILD_ARC4 if (specs->bulk_cipher_algorithm == wolfssl_rc4) { word32 sz = specs->key_size; - if (enc && enc->arc4 == NULL) + if (enc && enc->arc4 == NULL) { enc->arc4 = (Arc4*)XMALLOC(sizeof(Arc4), heap, DYNAMIC_TYPE_CIPHER); - if (enc && enc->arc4 == NULL) - return MEMORY_E; - if (dec && dec->arc4 == NULL) + if (enc->arc4 == NULL) + return MEMORY_E; + } + if (dec && dec->arc4 == NULL) { dec->arc4 = (Arc4*)XMALLOC(sizeof(Arc4), heap, DYNAMIC_TYPE_CIPHER); - if (dec && dec->arc4 == NULL) - return MEMORY_E; + if (dec->arc4 == NULL) + return MEMORY_E; + } if (enc) { if (wc_Arc4Init(enc->arc4, heap, devId) != 0) { @@ -2903,16 +2905,16 @@ static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs, if (enc && enc->hmac == NULL) { enc->hmac = (Hmac*)XMALLOC(sizeof(Hmac), heap, DYNAMIC_TYPE_CIPHER); + if (enc->hmac == NULL) + return MEMORY_E; } - if (enc && enc->hmac == NULL) - return MEMORY_E; if (dec && dec->hmac == NULL) { dec->hmac = (Hmac*)XMALLOC(sizeof(Hmac), heap, DYNAMIC_TYPE_CIPHER); + if (dec->hmac == NULL) + return MEMORY_E; } - if (dec && dec->hmac == NULL) - return MEMORY_E; if (enc) { if (wc_HmacInit(enc->hmac, heap, devId) != 0) { diff --git a/src/sniffer.c b/src/sniffer.c index 47e94b236e..9087148182 100644 --- a/src/sniffer.c +++ b/src/sniffer.c @@ -1875,14 +1875,14 @@ static int ProcessClientKeyExchange(const byte* input, int* sslBytes, } } - if (ret == 0) { #ifdef WC_RSA_BLINDING + if (ret == 0) { ret = wc_RsaSetRNG(&key, session->sslServer->rng); if (ret != 0) { SetError(RSA_DECRYPT_STR, error, session, FATAL_ERROR_STATE); } - #endif } + #endif if (ret == 0) { session->keySz = length * WOLFSSL_BIT_SIZE; diff --git a/src/ssl.c b/src/ssl.c index f6457c6b3d..1b9f8903ce 100755 --- a/src/ssl.c +++ b/src/ssl.c 
@@ -1152,10 +1152,9 @@ int wolfSSL_CTX_mcast_set_member_id(WOLFSSL_CTX* ctx, word16 id) #ifndef WOLFSSL_USER_IO ctx->CBIORecv = EmbedReceiveFromMcast; #endif /* WOLFSSL_USER_IO */ - } - if (ret == 0) ret = WOLFSSL_SUCCESS; + } WOLFSSL_LEAVE("wolfSSL_CTX_mcast_set_member_id()", ret); return ret; } @@ -6383,9 +6382,8 @@ static int ProcessChainBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff, ret = ProcessBuffer(ctx, buff + used, sz - used, format, type, ssl, &consumed, 0, verify); -#ifdef WOLFSSL_WPAS -#ifdef HAVE_CRL if (ret < 0) { +#if defined(WOLFSSL_WPAS) && defined(HAVE_CRL) DerBuffer* der = NULL; EncryptedInfo info; @@ -6394,15 +6392,13 @@ static int ProcessChainBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff, NULL) == 0) { WOLFSSL_MSG(" Processed a CRL"); wolfSSL_CertManagerLoadCRLBuffer(ctx->cm, der->buffer, - der->length, WOLFSSL_FILETYPE_ASN1); + der->length, WOLFSSL_FILETYPE_ASN1); FreeDer(&der); used += info.consumed; continue; } - } #endif -#endif - if (ret < 0) { + if (consumed > 0) { /* Made progress in file */ WOLFSSL_ERROR(ret); WOLFSSL_MSG("CA Parse failed, with progress in file."); @@ -13482,9 +13478,7 @@ int AddSession(WOLFSSL* ssl) session->ticket = session->staticTicket; session->isDynamic = 0; } - } - if (error == 0) { session->ticketLen = (word16)ticLen; XMEMCPY(session->ticket, ssl->session.ticket, ticLen); } else { /* cleanup, reset state */ @@ -39339,8 +39333,6 @@ void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl) #ifdef WOLFSSL_CERT_EXT cName->busCat[0] = '\0'; cName->busCatEnc = CTC_UTF8; - cName->serialDev[0] = '\0'; - cName->serialDevEnc = CTC_PRINTABLE; cName->joiC[0] = '\0'; cName->joiCEnc = CTC_PRINTABLE; cName->joiSt[0] = '\0'; 
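Review bot: In the CRL branch of `ProcessChainBuffer`, the result of `wolfSSL_CertManagerLoadCRLBuffer(ctx->cm, der->buffer, der->length, WOLFSSL_FILETYPE_ASN1)` is discarded and "Processed a CRL" is logged before the call, so a CRL that decodes from PEM but fails to load is skipped silently and the loop continues. Revocation data that was meant to be loaded would then be missing without any trace. If best-effort loading is intended, the failure should at least be logged: `if (wolfSSL_CertManagerLoadCRLBuffer(...) != WOLFSSL_SUCCESS) WOLFSSL_MSG("   CRL load failed");`. The start of the branch is in the previous hunk and the loop header is outside both.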
@@ -40272,10 +40264,8 @@ err: if (ret == WOLFSSL_SUCCESS) { XSTRNCPY(nameStr, pem + PEM_BEGIN_SZ, nameLen); nameStr[nameLen] = '\0'; - } - /* Get header of PEM - encryption header. */ - if (ret == WOLFSSL_SUCCESS) { + /* Get header of PEM - encryption header. */ headerLen = 0; while ((pemLen = wolfSSL_BIO_gets(bio, pem, sizeof(pem) - 1)) > 0) { while (pemLen > 0 && (pem[pemLen - 1] == '\r' || @@ -43707,7 +43697,9 @@ long wolfSSL_ctrl(WOLFSSL* ssl, int cmd, long opt, void* pt) long wolfSSL_CTX_ctrl(WOLFSSL_CTX* ctx, int cmd, long opt, void* pt) { +#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) long ctrl_opt; +#endif long ret = WOLFSSL_SUCCESS; WOLFSSL_ENTER("wolfSSL_CTX_ctrl"); diff --git a/src/tls.c b/src/tls.c index 1b0264d879..2783270693 100644 --- a/src/tls.c +++ b/src/tls.c @@ -9001,13 +9001,13 @@ static int TLSX_EarlyData_Parse(WOLFSSL* ssl, byte* input, word16 length, return TLSX_EarlyData_Use(ssl, 1); } if (msgType == session_ticket) { - word32 max; + word32 maxSz; if (length != OPAQUE32_LEN) return BUFFER_E; - ato32(input, &max); + ato32(input, &maxSz); - ssl->session.maxEarlyDataSz = max; + ssl->session.maxEarlyDataSz = maxSz; return 0; } diff --git a/src/wolfio.c b/src/wolfio.c index 6040f9f612..b7032caeea 100644 --- a/src/wolfio.c +++ b/src/wolfio.c @@ -392,12 +392,11 @@ int EmbedSendTo(WOLFSSL* ssl, char *buf, int sz, void *ctx) WOLFSSL_DTLS_CTX* dtlsCtx = (WOLFSSL_DTLS_CTX*)ctx; int sd = dtlsCtx->wfd; int sent; - int len = sz; int err; WOLFSSL_ENTER("EmbedSendTo()"); - sent = (int)SENDTO_FUNCTION(sd, &buf[sz - len], len, ssl->wflags, + sent = (int)SENDTO_FUNCTION(sd, buf, sz, ssl->wflags, (const SOCKADDR*)dtlsCtx->peer.sa, dtlsCtx->peer.sz); 
@@ -1928,12 +1927,11 @@ int MicriumSendTo(WOLFSSL* ssl, char *buf, int sz, void *ctx) WOLFSSL_DTLS_CTX* dtlsCtx = (WOLFSSL_DTLS_CTX*)ctx; NET_SOCK_ID sd = dtlsCtx->wfd; NET_SOCK_RTN_CODE ret; - int len = sz; NET_ERR err; WOLFSSL_ENTER("MicriumSendTo()"); - ret = NetSock_TxDataTo(sd, &buf[sz - len], len, ssl->wflags, + ret = NetSock_TxDataTo(sd, buf, sz, ssl->wflags, (NET_SOCK_ADDR*)dtlsCtx->peer.sa, (NET_SOCK_ADDR_LEN)dtlsCtx->peer.sz, &err); diff --git a/tests/api.c b/tests/api.c index 6130a329f3..775ae238b5 100644 --- a/tests/api.c +++ b/tests/api.c @@ -13728,8 +13728,7 @@ static int test_wc_DsaPublicPrivateKeyDecode (void) priv = WOLFSSL_FATAL_ERROR; } } - } /* END Private Key */ - if (ret == 0) { + wc_FreeDsaKey(&key); ret = wc_InitDsaKey(&key); } @@ -27085,11 +27084,12 @@ static void test_wolfSSL_sk_CIPHER_description(void) } /* Search cipher description string for "unknown" descriptor */ - for (j=0; j < (int)XSTRLEN(buf); j++) { - k=0; - while ((buf[j] == badStr[k]) && (k < (int)XSTRLEN(badStr))) { + for (j = 0; j < (int)XSTRLEN(buf); j++) { + k = 0; + while ((k < (int)XSTRLEN(badStr)) && (buf[j] == badStr[k])) { test_str[k] = badStr[k]; - j++,k++; + j++; + k++; } } /* Fail if test_str == badStr == "unknown" */ @@ -28782,11 +28782,13 @@ static void test_wc_ecc_get_curve_id_from_name(void) static void test_wc_ecc_get_curve_id_from_dp_params(void) { int id; +#if !defined(NO_ECC256) && !defined(NO_ECC_SECP) int curve_id; - int ret = 0; - WOLFSSL_EC_KEY *ecKey; ecc_key* key; const ecc_set_type* params; + int ret; +#endif + WOLFSSL_EC_KEY *ecKey = NULL; printf(testingFmt, "wc_ecc_get_curve_id_from_dp_params"); diff --git a/tests/srp.c b/tests/srp.c index 6fe2edb0cb..504fbfb1cd 100644 --- a/tests/srp.c +++ b/tests/srp.c 
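Review bot: In the search loop of `test_wolfSSL_sk_CIPHER_description`, the outer `j++` runs after a partial match and skips the character at which the inner `while` stopped, so an occurrence of `badStr` that begins at that character is missed and the test can pass on a description it should reject. The reordered condition only puts the bound on `k` ahead of the comparison; `XSTRLEN(buf)` and `XSTRLEN(badStr)` are still re-evaluated on every iteration. If `test_str` is used only for the comparison described in the following comment, `XSTRSTR(buf, badStr) != NULL` expresses the check directly. The declaration and size of `test_str` are outside the hunk.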
@@ -38,7 +38,7 @@ static word32 usernameSz = 4; static byte password[] = "password"; static word32 passwordSz = 8; -static byte N[] = { +static byte srp_N[] = { 0xD4, 0xC7, 0xF8, 0xA2, 0xB3, 0x2C, 0x11, 0xB8, 0xFB, 0xA9, 0x58, 0x1E, 0xC4, 0xBA, 0x4F, 0x1B, 0x04, 0x21, 0x56, 0x42, 0xEF, 0x73, 0x55, 0xE3, 0x7C, 0x0F, 0xC0, 0x44, 0x3E, 0xF7, 0x56, 0xEA, 0x2C, 0x6B, 0x8E, 0xEB, @@ -47,15 +47,15 @@ static byte N[] = { 0xDB, 0xDF, 0xCA, 0x43 }; -static byte g[] = { +static byte srp_g[] = { 0x02 }; -static byte salt[] = { +static byte srp_salt[] = { 0x80, 0x66, 0x61, 0x5B, 0x7D, 0x33, 0xA2, 0x2E, 0x79, 0x18 }; -static byte verifier[] = { +static byte srp_verifier[] = { 0x24, 0x5F, 0xA5, 0x1B, 0x2A, 0x28, 0xF8, 0xFF, 0xE2, 0xA0, 0xF8, 0x61, 0x7B, 0x0F, 0x3C, 0x05, 0xD6, 0x4A, 0x55, 0xDF, 0x74, 0x31, 0x54, 0x47, 0xA1, 0xFA, 0x9D, 0x25, 0x7B, 0x02, 0x88, 0x0A, 0xE8, 0x5A, 0xBA, 0x8B, @@ -64,13 +64,13 @@ static byte verifier[] = { 0x38, 0x19, 0xAB, 0x24 }; -static byte a[] = { +static byte srp_a[] = { 0x37, 0x95, 0xF2, 0xA6, 0xF1, 0x6F, 0x0D, 0x58, 0xBF, 0xED, 0x44, 0x87, 0xE0, 0xB6, 0xCC, 0x1C, 0xA0, 0x50, 0xC6, 0x61, 0xBB, 0x36, 0xE0, 0x9A, 0xF3, 0xF7, 0x1E, 0x7A, 0x61, 0x86, 0x5A, 0xF5 }; -static byte A[] = { +static byte srp_A[] = { 0x8D, 0x28, 0xC5, 0x6A, 0x46, 0x5C, 0x82, 0xDB, 0xC7, 0xF6, 0x8B, 0x62, 0x1A, 0xAD, 0xA1, 0x76, 0x1B, 0x55, 0xFF, 0xAB, 0x10, 0x2F, 0xFF, 0x4A, 0xAA, 0x46, 0xAD, 0x33, 0x64, 0xDE, 0x28, 0x2E, 0x82, 0x7A, 0xBE, 0xEA, 
@@ -79,13 +79,13 @@ static byte A[] = { 0xBF, 0xCF, 0x2D, 0xB0 }; -static byte b[] = { +static byte srp_b[] = { 0x2B, 0xDD, 0x30, 0x30, 0x53, 0xAF, 0xD8, 0x3A, 0xE7, 0xE0, 0x17, 0x82, 0x39, 0x44, 0x2C, 0xDB, 0x30, 0x88, 0x0F, 0xC8, 0x88, 0xC2, 0xB2, 0xC1, 0x78, 0x43, 0x2F, 0xD5, 0x60, 0xD4, 0xDA, 0x43 }; -static byte B[] = { +static byte srp_B[] = { 0xB5, 0x80, 0x36, 0x7F, 0x50, 0x89, 0xC1, 0x04, 0x42, 0x98, 0xD7, 0x6A, 0x37, 0x8E, 0xF1, 0x81, 0x52, 0xC5, 0x7A, 0xA1, 0xD5, 0xB7, 0x66, 0x84, 0xA1, 0x3E, 0x32, 0x82, 0x2B, 0x3A, 0xB5, 0xD7, 0x3D, 0x50, 0xF1, 0x58, @@ -94,19 +94,19 @@ static byte B[] = { 0x0E, 0xC7, 0x92, 0xAD }; -static byte key[] = { +static byte srp_key[] = { 0x66, 0x00, 0x9D, 0x58, 0xB3, 0xD2, 0x0D, 0x4B, 0x69, 0x7F, 0xCF, 0x48, 0xFF, 0x8F, 0x15, 0x81, 0x4C, 0x4B, 0xFE, 0x9D, 0x85, 0x77, 0x88, 0x60, 0x1D, 0x1E, 0x51, 0xCF, 0x75, 0xCC, 0x58, 0x00, 0xE7, 0x8D, 0x22, 0x87, 0x13, 0x6C, 0x88, 0x55 }; -static byte client_proof[] = { +static byte srp_client_proof[] = { 0x0D, 0x49, 0xE1, 0x9C, 0x3A, 0x88, 0x43, 0x15, 0x45, 0xA8, 0xAC, 0xAB, 0xEA, 0x15, 0x1A, 0xEE, 0xF9, 0x38, 0x4D, 0x21 }; -static byte server_proof[] = { +static byte srp_server_proof[] = { 0xBD, 0xB1, 0x20, 0x70, 0x46, 0xC9, 0xD6, 0xCC, 0xE2, 0x1D, 0x75, 0xA2, 0xD0, 0xAF, 0xC5, 0xBC, 0xAE, 0x12, 0xFC, 0x75 }; 
@@ -151,34 +151,39 @@ static void test_SrpSetParams(void) AssertIntEQ(0, wc_SrpInit(&srp, SRP_TYPE_SHA, SRP_CLIENT_SIDE)); /* invalid call order */ - AssertIntEQ(SRP_CALL_ORDER_E, wc_SrpSetParams(&srp, N, sizeof(N), - g, sizeof(g), - salt, sizeof(salt))); + AssertIntEQ(SRP_CALL_ORDER_E, wc_SrpSetParams(&srp, + srp_N, sizeof(srp_N), + srp_g, sizeof(srp_g), + srp_salt, sizeof(srp_salt))); /* fix call order */ AssertIntEQ(0, wc_SrpSetUsername(&srp, username, usernameSz)); /* invalid params */ - AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetParams(NULL, N, sizeof(N), - g, sizeof(g), - salt, sizeof(salt))); - AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetParams(&srp, NULL, sizeof(N), - g, sizeof(g), - salt, sizeof(salt))); - AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetParams(&srp, N, sizeof(N), - NULL, sizeof(g), - salt, sizeof(salt))); - AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetParams(&srp, N, sizeof(N), - g, sizeof(g), - NULL, sizeof(salt))); + AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetParams(NULL, + srp_N, sizeof(srp_N), + srp_g, sizeof(srp_g), + srp_salt, sizeof(srp_salt))); + AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetParams(&srp, + NULL, sizeof(srp_N), + srp_g, sizeof(srp_g), + srp_salt, sizeof(srp_salt))); + AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetParams(&srp, + srp_N, sizeof(srp_N), + NULL, sizeof(srp_g), + srp_salt, sizeof(srp_salt))); + AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetParams(&srp, + srp_N, sizeof(srp_N), + srp_g, sizeof(srp_g), + NULL, sizeof(srp_salt))); /* success */ - AssertIntEQ(0, wc_SrpSetParams(&srp, N, sizeof(N), - g, sizeof(g), - salt, sizeof(salt))); + AssertIntEQ(0, wc_SrpSetParams(&srp, srp_N, sizeof(srp_N), + srp_g, sizeof(srp_g), + srp_salt, sizeof(srp_salt))); - AssertIntEQ(sizeof(salt), srp.saltSz); - AssertIntEQ(0, XMEMCMP(srp.salt, salt, srp.saltSz)); + AssertIntEQ(sizeof(srp_salt), srp.saltSz); + AssertIntEQ(0, XMEMCMP(srp.salt, srp_salt, srp.saltSz)); wc_SrpTerm(&srp); } 
@@ -199,9 +204,9 @@ static void test_SrpSetPassword(void) wc_SrpGetVerifier(&srp, v, &vSz)); /* fix call order */ - AssertIntEQ(0, wc_SrpSetParams(&srp, N, sizeof(N), - g, sizeof(g), - salt, sizeof(salt))); + AssertIntEQ(0, wc_SrpSetParams(&srp, srp_N, sizeof(srp_N), + srp_g, sizeof(srp_g), + srp_salt, sizeof(srp_salt))); /* invalid params */ AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetPassword(NULL, password, passwordSz)); @@ -218,8 +223,8 @@ static void test_SrpSetPassword(void) /* success */ vSz = sizeof(v); AssertIntEQ(0, wc_SrpGetVerifier(&srp, v, &vSz)); - AssertIntEQ(vSz, sizeof(verifier)); - AssertIntEQ(0, XMEMCMP(verifier, v, vSz)); + AssertIntEQ(vSz, sizeof(srp_verifier)); + AssertIntEQ(0, XMEMCMP(srp_verifier, v, vSz)); /* invalid params - client side srp */ AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetVerifier(&srp, v, vSz)); @@ -245,9 +250,9 @@ static void test_SrpGetPublic(void) AssertIntEQ(0, wc_SrpInit(&srp, SRP_TYPE_SHA, SRP_CLIENT_SIDE)); AssertIntEQ(0, wc_SrpSetUsername(&srp, username, usernameSz)); - AssertIntEQ(0, wc_SrpSetParams(&srp, N, sizeof(N), - g, sizeof(g), - salt, sizeof(salt))); + AssertIntEQ(0, wc_SrpSetParams(&srp, srp_N, sizeof(srp_N), + srp_g, sizeof(srp_g), + srp_salt, sizeof(srp_salt))); /* invalid call order */ AssertIntEQ(SRP_CALL_ORDER_E, wc_SrpGetPublic(&srp, pub, &pubSz)); 
@@ -263,30 +268,30 @@ static void test_SrpGetPublic(void) /* success */ pubSz = sizeof(pub); - AssertIntEQ(0, wc_SrpSetPrivate(&srp, a, sizeof(a))); + AssertIntEQ(0, wc_SrpSetPrivate(&srp, srp_a, sizeof(srp_a))); AssertIntEQ(0, wc_SrpGetPublic(&srp, pub, &pubSz)); - AssertIntEQ(pubSz, sizeof(A)); - AssertIntEQ(0, XMEMCMP(pub, A, pubSz)); + AssertIntEQ(pubSz, sizeof(srp_A)); + AssertIntEQ(0, XMEMCMP(pub, srp_A, pubSz)); wc_SrpTerm(&srp); AssertIntEQ(0, wc_SrpInit(&srp, SRP_TYPE_SHA, SRP_SERVER_SIDE)); AssertIntEQ(0, wc_SrpSetUsername(&srp, username, usernameSz)); - AssertIntEQ(0, wc_SrpSetParams(&srp, N, sizeof(N), - g, sizeof(g), - salt, sizeof(salt))); + AssertIntEQ(0, wc_SrpSetParams(&srp, srp_N, sizeof(srp_N), + srp_g, sizeof(srp_g), + srp_salt, sizeof(srp_salt))); /* invalid call order */ AssertIntEQ(SRP_CALL_ORDER_E, wc_SrpGetPublic(&srp, pub, &pubSz)); /* fix call order */ - AssertIntEQ(0, wc_SrpSetVerifier(&srp, verifier, sizeof(verifier))); + AssertIntEQ(0, wc_SrpSetVerifier(&srp, srp_verifier, sizeof(srp_verifier))); /* success */ - AssertIntEQ(0, wc_SrpSetPrivate(&srp, b, sizeof(b))); + AssertIntEQ(0, wc_SrpSetPrivate(&srp, srp_b, sizeof(srp_b))); AssertIntEQ(0, wc_SrpGetPublic(&srp, pub, &pubSz)); - AssertIntEQ(pubSz, sizeof(B)); - AssertIntEQ(0, XMEMCMP(pub, B, pubSz)); + AssertIntEQ(pubSz, sizeof(srp_B)); + AssertIntEQ(0, XMEMCMP(pub, srp_B, pubSz)); wc_SrpTerm(&srp); } 
@@ -311,22 +316,22 @@ static void test_SrpComputeKey(void) AssertIntEQ(0, wc_SrpSetUsername(&cli, username, usernameSz)); AssertIntEQ(0, wc_SrpSetUsername(&srv, username, usernameSz)); - AssertIntEQ(0, wc_SrpSetParams(&cli, N, sizeof(N), - g, sizeof(g), - salt, sizeof(salt))); - AssertIntEQ(0, wc_SrpSetParams(&srv, N, sizeof(N), - g, sizeof(g), - salt, sizeof(salt))); + AssertIntEQ(0, wc_SrpSetParams(&cli, srp_N, sizeof(srp_N), + srp_g, sizeof(srp_g), + srp_salt, sizeof(srp_salt))); + AssertIntEQ(0, wc_SrpSetParams(&srv, srp_N, sizeof(srp_N), + srp_g, sizeof(srp_g), + srp_salt, sizeof(srp_salt))); AssertIntEQ(0, wc_SrpSetPassword(&cli, password, passwordSz)); - AssertIntEQ(0, wc_SrpSetVerifier(&srv, verifier, sizeof(verifier))); + AssertIntEQ(0, wc_SrpSetVerifier(&srv, srp_verifier, sizeof(srp_verifier))); - AssertIntEQ(0, wc_SrpSetPrivate(&cli, a, sizeof(a))); + AssertIntEQ(0, wc_SrpSetPrivate(&cli, srp_a, sizeof(srp_a))); AssertIntEQ(0, wc_SrpGetPublic(&cli, clientPubKey, &clientPubKeySz)); - AssertIntEQ(0, XMEMCMP(clientPubKey, A, clientPubKeySz)); - AssertIntEQ(0, wc_SrpSetPrivate(&srv, b, sizeof(b))); + AssertIntEQ(0, XMEMCMP(clientPubKey, srp_A, clientPubKeySz)); + AssertIntEQ(0, wc_SrpSetPrivate(&srv, srp_b, sizeof(srp_b))); AssertIntEQ(0, wc_SrpGetPublic(&srv, serverPubKey, &serverPubKeySz)); - AssertIntEQ(0, XMEMCMP(serverPubKey, B, serverPubKeySz)); + AssertIntEQ(0, XMEMCMP(serverPubKey, srp_B, serverPubKeySz)); /* invalid params */ AssertIntEQ(BAD_FUNC_ARG, wc_SrpComputeKey(NULL, @@ -350,8 +355,8 @@ static void test_SrpComputeKey(void) serverPubKey, serverPubKeySz)); AssertIntEQ(0, wc_SrpComputeKey(&srv, clientPubKey, clientPubKeySz, serverPubKey, serverPubKeySz)); - AssertIntEQ(0, XMEMCMP(cli.key, key, sizeof(key))); - AssertIntEQ(0, XMEMCMP(srv.key, key, sizeof(key))); + AssertIntEQ(0, XMEMCMP(cli.key, srp_key, sizeof(srp_key))); + AssertIntEQ(0, XMEMCMP(srv.key, srp_key, sizeof(srp_key))); wc_SrpTerm(&cli); wc_SrpTerm(&srv); 
@@ -375,31 +380,31 @@ static void test_SrpGetProofAndVerify(void) AssertIntEQ(0, wc_SrpSetUsername(&cli, username, usernameSz)); AssertIntEQ(0, wc_SrpSetUsername(&srv, username, usernameSz)); - AssertIntEQ(0, wc_SrpSetParams(&cli, N, sizeof(N), - g, sizeof(g), - salt, sizeof(salt))); - AssertIntEQ(0, wc_SrpSetParams(&srv, N, sizeof(N), - g, sizeof(g), - salt, sizeof(salt))); + AssertIntEQ(0, wc_SrpSetParams(&cli, srp_N, sizeof(srp_N), + srp_g, sizeof(srp_g), + srp_salt, sizeof(srp_salt))); + AssertIntEQ(0, wc_SrpSetParams(&srv, srp_N, sizeof(srp_N), + srp_g, sizeof(srp_g), + srp_salt, sizeof(srp_salt))); AssertIntEQ(0, wc_SrpSetPassword(&cli, password, passwordSz)); - AssertIntEQ(0, wc_SrpSetVerifier(&srv, verifier, sizeof(verifier))); + AssertIntEQ(0, wc_SrpSetVerifier(&srv, srp_verifier, sizeof(srp_verifier))); - AssertIntEQ(0, wc_SrpSetPrivate(&cli, a, sizeof(a))); + AssertIntEQ(0, wc_SrpSetPrivate(&cli, srp_a, sizeof(srp_a))); AssertIntEQ(0, wc_SrpGetPublic(&cli, clientPubKey, &clientPubKeySz)); - AssertIntEQ(0, XMEMCMP(clientPubKey, A, clientPubKeySz)); + AssertIntEQ(0, XMEMCMP(clientPubKey, srp_A, clientPubKeySz)); - AssertIntEQ(0, wc_SrpSetPrivate(&srv, b, sizeof(b))); + AssertIntEQ(0, wc_SrpSetPrivate(&srv, srp_b, sizeof(srp_b))); AssertIntEQ(0, wc_SrpGetPublic(&srv, serverPubKey, &serverPubKeySz)); - AssertIntEQ(0, XMEMCMP(serverPubKey, B, serverPubKeySz)); + AssertIntEQ(0, XMEMCMP(serverPubKey, srp_B, serverPubKeySz)); AssertIntEQ(0, wc_SrpComputeKey(&cli, clientPubKey, clientPubKeySz, serverPubKey, serverPubKeySz)); - AssertIntEQ(0, XMEMCMP(cli.key, key, sizeof(key))); + AssertIntEQ(0, XMEMCMP(cli.key, srp_key, sizeof(srp_key))); AssertIntEQ(0, wc_SrpComputeKey(&srv, clientPubKey, clientPubKeySz, serverPubKey, serverPubKeySz)); - AssertIntEQ(0, XMEMCMP(srv.key, key, sizeof(key))); + AssertIntEQ(0, XMEMCMP(srv.key, srp_key, sizeof(srp_key))); /* invalid params */ serverProofSz = 0; 
@@ -418,10 +423,12 @@ static void test_SrpGetProofAndVerify(void) /* success */ AssertIntEQ(0, wc_SrpGetProof(&cli, clientProof, &clientProofSz)); - AssertIntEQ(0, XMEMCMP(clientProof, client_proof, sizeof(client_proof))); + AssertIntEQ(0, XMEMCMP(clientProof, srp_client_proof, + sizeof(srp_client_proof))); AssertIntEQ(0, wc_SrpVerifyPeersProof(&srv, clientProof, clientProofSz)); AssertIntEQ(0, wc_SrpGetProof(&srv, serverProof, &serverProofSz)); - AssertIntEQ(0, XMEMCMP(serverProof, server_proof, sizeof(server_proof))); + AssertIntEQ(0, XMEMCMP(serverProof, srp_server_proof, + sizeof(srp_server_proof))); AssertIntEQ(0, wc_SrpVerifyPeersProof(&cli, serverProof, serverProofSz)); wc_SrpTerm(&cli); diff --git a/testsuite/testsuite.c b/testsuite/testsuite.c index dd15cc7437..8cd2cd2914 100644 --- a/testsuite/testsuite.c +++ b/testsuite/testsuite.c @@ -242,14 +242,10 @@ void simple_test(func_args* args) for (i = 0; i < 3; i++) cliArgv[i] = argvc[i]; + strcpy(argvs[0], "SimpleServer"); svrArgs.argc = 1; svrArgs.argv = svrArgv; svrArgs.return_code = 0; - cliArgs.argc = 1; - cliArgs.argv = cliArgv; - cliArgs.return_code = 0; - - strcpy(argvs[0], "SimpleServer"); #if !defined(USE_WINDOWS_API) && !defined(WOLFSSL_SNIFFER) && \ !defined(WOLFSSL_TIRTOS) strcpy(argvs[svrArgs.argc++], "-p"); @@ -264,10 +260,14 @@ void simple_test(func_args* args) /* Setting the actual port number. */ strcpy(argvc[0], "SimpleClient"); + cliArgs.argv = cliArgv; + cliArgs.return_code = 0; #ifndef USE_WINDOWS_API cliArgs.argc = NUMARGS; strcpy(argvc[1], "-p"); snprintf(argvc[2], sizeof(argvc[2]), "%d", svrArgs.signal->port); + #else + cliArgs.argc = 1; #endif client_test(&cliArgs); diff --git a/wolfcrypt/benchmark/benchmark.c b/wolfcrypt/benchmark/benchmark.c index 0d07271ac0..6b43ab110b 100755 --- a/wolfcrypt/benchmark/benchmark.c +++ b/wolfcrypt/benchmark/benchmark.c 
@@ -718,7 +718,7 @@ static const char* bench_desc_words[][9] = { || defined(HAVE_CURVE25519) || defined(HAVE_ED25519) \ || defined(HAVE_CURVE448) || defined(HAVE_ED448) #define HAVE_LOCAL_RNG - static THREAD_LS_T WC_RNG rng; + static THREAD_LS_T WC_RNG gRng; #endif #if defined(HAVE_ED25519) || defined(HAVE_CURVE25519) || \ @@ -1371,9 +1371,9 @@ static void* benchmarks_do(void* args) int rngRet; #ifndef HAVE_FIPS - rngRet = wc_InitRng_ex(&rng, HEAP_HINT, devId); + rngRet = wc_InitRng_ex(&gRng, HEAP_HINT, devId); #else - rngRet = wc_InitRng(&rng); + rngRet = wc_InitRng(&gRng); #endif if (rngRet < 0) { printf("InitRNG failed\n"); @@ -1891,7 +1891,7 @@ exit: #endif #if defined(HAVE_LOCAL_RNG) - wc_FreeRng(&rng); + wc_FreeRng(&gRng); #endif #ifdef WOLFSSL_ASYNC_CRYPT @@ -4308,7 +4308,7 @@ static void bench_rsaKeyGen_helper(int doAsync, int keySz) goto exit; } - ret = wc_MakeRsaKey(&genKey[i], keySz, rsa_e_val, &rng); + ret = wc_MakeRsaKey(&genKey[i], keySz, rsa_e_val, &gRng); if (!bench_async_handle(&ret, BENCH_ASYNC_GET_DEV(&genKey[i]), 0, ×, &pending)) { goto exit; } @@ -4472,12 +4472,11 @@ static void bench_rsa_helper(int doAsync, RsaKey rsaKey[BENCH_MAX_PENDING], DECLARE_VAR_INIT(message, byte, len, messageStr, HEAP_HINT); #endif #if !defined(WOLFSSL_MDK5_COMPLv5) - /* MDK5 compiler regard this as a executable statement, and does not allow declarations after the line. */ - DECLARE_ARRAY_DYNAMIC_DEC(enc, byte, BENCH_MAX_PENDING, rsaKeySz, HEAP_HINT); - #else - byte* enc[BENCH_MAX_PENDING]; - int idxenc; - #endif + /* MDK5 compiler regard this as a executable statement, and does not allow declarations after the line. */ + DECLARE_ARRAY_DYNAMIC_DEC(enc, byte, BENCH_MAX_PENDING, rsaKeySz, HEAP_HINT); + #else + byte* enc[BENCH_MAX_PENDING]; + #endif #if !defined(WOLFSSL_RSA_VERIFY_INLINE) && \ !defined(WOLFSSL_RSA_PUBLIC_ONLY) #if !defined(WOLFSSL_MDK5_COMPLv5) 
@@ -4511,7 +4510,7 @@ static void bench_rsa_helper(int doAsync, RsaKey rsaKey[BENCH_MAX_PENDING], 1, ×, ntimes, &pending)) { ret = wc_RsaPublicEncrypt(message, (word32)len, enc[i], rsaKeySz/8, &rsaKey[i], - &rng); + &gRng); if (!bench_async_handle(&ret, BENCH_ASYNC_GET_DEV( &rsaKey[i]), 1, ×, &pending)) { goto exit_rsa_pub; @@ -4574,7 +4573,7 @@ exit: if (bench_async_check(&ret, BENCH_ASYNC_GET_DEV(&rsaKey[i]), 1, ×, ntimes, &pending)) { ret = wc_RsaSSL_Sign(message, len, enc[i], - rsaKeySz/8, &rsaKey[i], &rng); + rsaKeySz/8, &rsaKey[i], &gRng); if (!bench_async_handle(&ret, BENCH_ASYNC_GET_DEV(&rsaKey[i]), 1, ×, &pending)) { @@ -4691,7 +4690,7 @@ void bench_rsa(int doAsync) #ifndef WOLFSSL_RSA_VERIFY_ONLY #ifdef WC_RSA_BLINDING - ret = wc_RsaSetRNG(&rsaKey[i], &rng); + ret = wc_RsaSetRNG(&rsaKey[i], &gRng); if (ret != 0) goto exit_bench_rsa; #endif @@ -4763,14 +4762,14 @@ void bench_rsa_key(int doAsync, int rsaKeySz) } #ifdef WC_RSA_BLINDING - ret = wc_RsaSetRNG(&rsaKey[i], &rng); + ret = wc_RsaSetRNG(&rsaKey[i], &gRng); if (ret != 0) goto exit_bench_rsa_key; #endif } /* create the RSA key */ - ret = wc_MakeRsaKey(&rsaKey[i], rsaKeySz, exp, &rng); + ret = wc_MakeRsaKey(&rsaKey[i], rsaKeySz, exp, &gRng); if (ret == WC_PENDING_E) { isPending[i] = 1; pending = 1; @@ -4920,7 +4919,7 @@ void bench_dh(int doAsync) for (i = 0; i < BENCH_MAX_PENDING; i++) { if (bench_async_check(&ret, BENCH_ASYNC_GET_DEV(&dhKey[i]), 0, ×, genTimes, &pending)) { privSz[i] = 0; - ret = wc_DhGenerateKeyPair(&dhKey[i], &rng, priv[i], &privSz[i], + ret = wc_DhGenerateKeyPair(&dhKey[i], &gRng, priv[i], &privSz[i], pub[i], &pubSz[i]); if (!bench_async_handle(&ret, BENCH_ASYNC_GET_DEV(&dhKey[i]), 0, ×, &pending)) { goto exit_dh_gen; 
@@ -4938,7 +4937,7 @@ exit_dh_gen: } /* Generate key to use as other public */ - ret = wc_DhGenerateKeyPair(&dhKey[0], &rng, priv2, &privSz2, pub2, &pubSz2); + ret = wc_DhGenerateKeyPair(&dhKey[0], &gRng, priv2, &privSz2, pub2, &pubSz2); #ifdef WOLFSSL_ASYNC_CRYPT ret = wc_AsyncWait(ret, &dhKey[0].asyncDev, WC_ASYNC_FLAG_NONE); #endif @@ -4990,7 +4989,7 @@ byte GetEntropy(ENTROPY_CMD cmd, byte* out) return 0; if (cmd == GET_BYTE_OF_ENTROPY) - return (wc_RNG_GenerateBlock(&rng, out, 1) == 0) ? 1 : 0; + return (wc_RNG_GenerateBlock(&gRng, out, 1) == 0) ? 1 : 0; if (cmd == GET_NUM_BYTES_PER_BYTE_OF_ENTROPY) { *out = 1; @@ -5232,7 +5231,7 @@ void bench_eccMakeKey(int doAsync) goto exit; } - ret = wc_ecc_make_key(&rng, keySize, &genKey[i]); + ret = wc_ecc_make_key(&gRng, keySize, &genKey[i]); if (!bench_async_handle(&ret, BENCH_ASYNC_GET_DEV(&genKey[i]), 0, ×, &pending)) { goto exit; } @@ -5288,7 +5287,7 @@ void bench_ecc(int doAsync) doAsync ? devId : INVALID_DEVID)) < 0) { goto exit; } - ret = wc_ecc_make_key(&rng, keySize, &genKey[i]); + ret = wc_ecc_make_key(&gRng, keySize, &genKey[i]); #ifdef WOLFSSL_ASYNC_CRYPT ret = wc_AsyncWait(ret, &genKey[i].asyncDev, WC_ASYNC_FLAG_NONE); #endif @@ -5300,7 +5299,7 @@ void bench_ecc(int doAsync) if ((ret = wc_ecc_init_ex(&genKey2[i], HEAP_HINT, INVALID_DEVID)) < 0) { goto exit; } - if ((ret = wc_ecc_make_key(&rng, keySize, &genKey2[i])) > 0) { + if ((ret = wc_ecc_make_key(&gRng, keySize, &genKey2[i])) > 0) { goto exit; } #endif @@ -5356,7 +5355,7 @@ exit_ecdhe: if (genKey[i].state == 0) x[i] = ECC_MAX_SIG_SIZE; ret = wc_ecc_sign_hash(digest[i], (word32)keySize, sig[i], &x[i], - &rng, &genKey[i]); + &gRng, &genKey[i]); if (!bench_async_handle(&ret, BENCH_ASYNC_GET_DEV(&genKey[i]), 1, ×, &pending)) { goto exit_ecdsa_sign; } 
@@ -5446,13 +5445,13 @@ void bench_eccEncrypt(void) return; } - ret = wc_ecc_make_key(&rng, keySize, &userA); + ret = wc_ecc_make_key(&gRng, keySize, &userA); #ifdef WOLFSSL_ASYNC_CRYPT ret = wc_AsyncWait(ret, &userA.asyncDev, WC_ASYNC_FLAG_NONE); #endif if (ret != 0) goto exit; - ret = wc_ecc_make_key(&rng, keySize, &userB); + ret = wc_ecc_make_key(&gRng, keySize, &userB); #ifdef WOLFSSL_ASYNC_CRYPT ret = wc_AsyncWait(ret, &userB.asyncDev, WC_ASYNC_FLAG_NONE); #endif @@ -5513,7 +5512,7 @@ void bench_curve25519KeyGen(void) bench_stats_start(&count, &start); do { for (i = 0; i < genTimes; i++) { - ret = wc_curve25519_make_key(&rng, 32, &genKey); + ret = wc_curve25519_make_key(&gRng, 32, &genKey); wc_curve25519_free(&genKey); if (ret != 0) { printf("wc_curve25519_make_key failed: %d\n", ret); @@ -5538,12 +5537,12 @@ void bench_curve25519KeyAgree(void) wc_curve25519_init(&genKey); wc_curve25519_init(&genKey2); - ret = wc_curve25519_make_key(&rng, 32, &genKey); + ret = wc_curve25519_make_key(&gRng, 32, &genKey); if (ret != 0) { printf("curve25519_make_key failed\n"); return; } - ret = wc_curve25519_make_key(&rng, 32, &genKey2); + ret = wc_curve25519_make_key(&gRng, 32, &genKey2); if (ret != 0) { printf("curve25519_make_key failed: %d\n", ret); wc_curve25519_free(&genKey); @@ -5585,7 +5584,7 @@ void bench_ed25519KeyGen(void) do { for (i = 0; i < genTimes; i++) { wc_ed25519_init(&genKey); - (void)wc_ed25519_make_key(&rng, 32, &genKey); + (void)wc_ed25519_make_key(&gRng, 32, &genKey); wc_ed25519_free(&genKey); } count += i; @@ -5609,7 +5608,7 @@ void bench_ed25519KeySign(void) wc_ed25519_init(&genKey); - ret = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &genKey); + ret = wc_ed25519_make_key(&gRng, ED25519_KEY_SIZE, &genKey); if (ret != 0) { printf("ed25519_make_key failed\n"); return; 
@@ -5670,7 +5669,7 @@ void bench_curve448KeyGen(void) bench_stats_start(&count, &start); do { for (i = 0; i < genTimes; i++) { - ret = wc_curve448_make_key(&rng, 56, &genKey); + ret = wc_curve448_make_key(&gRng, 56, &genKey); wc_curve448_free(&genKey); if (ret != 0) { printf("wc_curve448_make_key failed: %d\n", ret); @@ -5695,12 +5694,12 @@ void bench_curve448KeyAgree(void) wc_curve448_init(&genKey); wc_curve448_init(&genKey2); - ret = wc_curve448_make_key(&rng, 56, &genKey); + ret = wc_curve448_make_key(&gRng, 56, &genKey); if (ret != 0) { printf("curve448_make_key failed\n"); return; } - ret = wc_curve448_make_key(&rng, 56, &genKey2); + ret = wc_curve448_make_key(&gRng, 56, &genKey2); if (ret != 0) { printf("curve448_make_key failed: %d\n", ret); wc_curve448_free(&genKey); @@ -5742,7 +5741,7 @@ void bench_ed448KeyGen(void) do { for (i = 0; i < genTimes; i++) { wc_ed448_init(&genKey); - (void)wc_ed448_make_key(&rng, ED448_KEY_SIZE, &genKey); + (void)wc_ed448_make_key(&gRng, ED448_KEY_SIZE, &genKey); wc_ed448_free(&genKey); } count += i; @@ -5766,7 +5765,7 @@ void bench_ed448KeySign(void) wc_ed448_init(&genKey); - ret = wc_ed448_make_key(&rng, ED448_KEY_SIZE, &genKey); + ret = wc_ed448_make_key(&gRng, ED448_KEY_SIZE, &genKey); if (ret != 0) { printf("ed448_make_key failed\n"); return; diff --git a/wolfcrypt/src/aes.c b/wolfcrypt/src/aes.c index 53564e3fea..69315d862b 100644 --- a/wolfcrypt/src/aes.c +++ b/wolfcrypt/src/aes.c @@ -2178,18 +2178,19 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock) int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen, const byte* iv, int dir) { - word32 *rk = aes->key; + word32 *rk; (void)dir; - if (keylen != 16 && + if (aes == NULL || (keylen != 16 && #ifdef WOLFSSL_AES_192 keylen != 24 && #endif - keylen != 32) { + keylen != 32)) { return BAD_FUNC_ARG; } + rk = aes->key; aes->keylen = keylen; aes->rounds = keylen/4 + 6; XMEMCPY(rk, userKey, keylen); 
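Review bot: `userKey` is still unchecked in this `wc_AesSetKey` variant: the new guard rejects a NULL `aes`, but `XMEMCPY(rk, userKey, keylen)` at the end of the hunk reads through `userKey` whatever it is. Extending the condition to `if (aes == NULL || userKey == NULL || (keylen != 16 &&` would match the `des == NULL || key == NULL` checks this commit adds in des3.c. The next two `wc_AesSetKey` hunks in aes.c (the `tmpKey = (byte*)userKey` variant and the `keylen != 16` variant) add the same `aes`-only check and, as far as the hunks show, would take the same extension. The function body continues past the end of the hunk.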
@@ -2305,7 +2306,7 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock) const byte* iv, int dir) { int ret; - byte* rk = (byte*)aes->key; + byte* rk; byte* tmpKey = (byte*)userKey; int tmpKeyDynamic = 0; word32 alignOffset = 0; @@ -2314,7 +2315,10 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock) if (!((keylen == 16) || (keylen == 24) || (keylen == 32))) return BAD_FUNC_ARG; + if (aes == NULL) + return BAD_FUNC_ARG; + rk = (byte*)aes->key; if (rk == NULL) return BAD_FUNC_ARG; @@ -2379,7 +2383,7 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock) (void)dir; (void)iv; - if (keylen != 16) + if (aes == NULL || keylen != 16) return BAD_FUNC_ARG; aes->keylen = keylen; @@ -2408,7 +2412,7 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock) (void)dir; (void)iv; - if ( aes == NULL || (keylen != 16 && keylen != 24 && keylen != 32)) { + if (aes == NULL || (keylen != 16 && keylen != 24 && keylen != 32)) { return BAD_FUNC_ARG; } diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index d6e58946e3..a2e2e5b5da 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -11387,11 +11387,7 @@ static void wc_SetCert_Free(Cert* cert) { if (cert != NULL) { - - if (cert->der != NULL) { - cert->der = NULL; - } - + cert->der = NULL; if (cert->decodedCert) { FreeDecodedCert((DecodedCert*)cert->decodedCert); @@ -17086,8 +17082,8 @@ static int GetRevoked(const byte* buff, word32* idx, DecodedCRL* dcrl, return ret; } - if (*idx != end) /* skip extensions */ - *idx = end; + /* skip extensions */ + *idx = end; return 0; } @@ -17458,7 +17454,6 @@ int wc_ParseCertPIV(wc_CertPIV* piv, const byte* buf, word32 totalSz) if (GetASNHeader(buf, ASN_PIV_SIGNED_NONCE, &idx, &length, totalSz) >= 0) { piv->signedNonce = &buf[idx]; piv->signedNonceSz = length; - idx += length; } idx = 0; diff --git a/wolfcrypt/src/des3.c b/wolfcrypt/src/des3.c index f07498a5d7..b4b0187cd5 100644 --- a/wolfcrypt/src/des3.c 
+++ b/wolfcrypt/src/des3.c @@ -167,22 +167,26 @@ int wc_Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir) { + if (des == NULL || key == NULL) + return BAD_FUNC_ARG; + + (void)dir; + #ifndef WOLFSSL_STM32_CUBEMX - word32 *dkey1 = des->key[0]; - word32 *dkey2 = des->key[1]; - word32 *dkey3 = des->key[2]; + { + word32 *dkey1 = des->key[0]; + word32 *dkey2 = des->key[1]; + word32 *dkey3 = des->key[2]; - (void)dir; + XMEMCPY(dkey1, key, 8); /* set key 1 */ + XMEMCPY(dkey2, key + 8, 8); /* set key 2 */ + XMEMCPY(dkey3, key + 16, 8); /* set key 3 */ - XMEMCPY(dkey1, key, 8); /* set key 1 */ - XMEMCPY(dkey2, key + 8, 8); /* set key 2 */ - XMEMCPY(dkey3, key + 16, 8); /* set key 3 */ - - ByteReverseWords(dkey1, dkey1, 8); - ByteReverseWords(dkey2, dkey2, 8); - ByteReverseWords(dkey3, dkey3, 8); + ByteReverseWords(dkey1, dkey1, 8); + ByteReverseWords(dkey2, dkey2, 8); + ByteReverseWords(dkey3, dkey3, 8); + } #else - (void)dir; XMEMCPY(des->key[0], key, DES3_KEYLEN); /* CUBEMX wants keys in sequential memory */ #endif 
@@ -344,110 +348,117 @@ static void Des3Crypt(Des3* des, byte* out, const byte* in, word32 sz, int dir) { + if (des == NULL || out == NULL || in == NULL) + return BAD_FUNC_ARG; + #ifdef WOLFSSL_STM32_CUBEMX - CRYP_HandleTypeDef hcryp; - - XMEMSET(&hcryp, 0, sizeof(CRYP_HandleTypeDef)); - hcryp.Instance = CRYP; - hcryp.Init.KeySize = CRYP_KEYSIZE_128B; - hcryp.Init.DataType = CRYP_DATATYPE_8B; - hcryp.Init.pKey = (uint8_t*)des->key; - hcryp.Init.pInitVect = (uint8_t*)des->reg; - - HAL_CRYP_Init(&hcryp); - - while (sz > 0) { - if (dir == DES_ENCRYPTION) { - HAL_CRYP_TDESCBC_Encrypt(&hcryp, (byte*)in, - DES_BLOCK_SIZE, out, STM32_HAL_TIMEOUT); - } - else { - HAL_CRYP_TDESCBC_Decrypt(&hcryp, (byte*)in, - DES_BLOCK_SIZE, out, STM32_HAL_TIMEOUT); + CRYP_HandleTypeDef hcryp; + + XMEMSET(&hcryp, 0, sizeof(CRYP_HandleTypeDef)); + hcryp.Instance = CRYP; + hcryp.Init.KeySize = CRYP_KEYSIZE_128B; + hcryp.Init.DataType = CRYP_DATATYPE_8B; + hcryp.Init.pKey = (uint8_t*)des->key; + hcryp.Init.pInitVect = (uint8_t*)des->reg; + + HAL_CRYP_Init(&hcryp); + + while (sz > 0) + { + if (dir == DES_ENCRYPTION) { + HAL_CRYP_TDESCBC_Encrypt(&hcryp, (byte*)in, + DES_BLOCK_SIZE, out, STM32_HAL_TIMEOUT); + } + else { + HAL_CRYP_TDESCBC_Decrypt(&hcryp, (byte*)in, + DES_BLOCK_SIZE, out, STM32_HAL_TIMEOUT); + } + + /* store iv for next call */ + XMEMCPY(des->reg, out + sz - DES_BLOCK_SIZE, DES_BLOCK_SIZE); + + sz -= DES_BLOCK_SIZE; + in += DES_BLOCK_SIZE; + out += DES_BLOCK_SIZE; } - /* store iv for next call */ - XMEMCPY(des->reg, out + sz - DES_BLOCK_SIZE, DES_BLOCK_SIZE); - - sz -= DES_BLOCK_SIZE; - in += DES_BLOCK_SIZE; - out += DES_BLOCK_SIZE; + HAL_CRYP_DeInit(&hcryp); } - - HAL_CRYP_DeInit(&hcryp); #else - word32 *dkey1, *dkey2, *dkey3, *iv; - CRYP_InitTypeDef DES3_CRYP_InitStructure; - CRYP_KeyInitTypeDef DES3_CRYP_KeyInitStructure; - CRYP_IVInitTypeDef DES3_CRYP_IVInitStructure; - - dkey1 = des->key[0]; - dkey2 = des->key[1]; - dkey3 = des->key[2]; - iv = des->reg; - - /* crypto 
structure initialization */ - CRYP_KeyStructInit(&DES3_CRYP_KeyInitStructure); - CRYP_StructInit(&DES3_CRYP_InitStructure); - CRYP_IVStructInit(&DES3_CRYP_IVInitStructure); - - /* reset registers to their default values */ - CRYP_DeInit(); - - /* set direction, mode, and datatype */ - if (dir == DES_ENCRYPTION) { - DES3_CRYP_InitStructure.CRYP_AlgoDir = CRYP_AlgoDir_Encrypt; - } else { - DES3_CRYP_InitStructure.CRYP_AlgoDir = CRYP_AlgoDir_Decrypt; - } - - DES3_CRYP_InitStructure.CRYP_AlgoMode = CRYP_AlgoMode_TDES_CBC; - DES3_CRYP_InitStructure.CRYP_DataType = CRYP_DataType_8b; - CRYP_Init(&DES3_CRYP_InitStructure); - - /* load key into correct registers */ - DES3_CRYP_KeyInitStructure.CRYP_Key1Left = dkey1[0]; - DES3_CRYP_KeyInitStructure.CRYP_Key1Right = dkey1[1]; - DES3_CRYP_KeyInitStructure.CRYP_Key2Left = dkey2[0]; - DES3_CRYP_KeyInitStructure.CRYP_Key2Right = dkey2[1]; - DES3_CRYP_KeyInitStructure.CRYP_Key3Left = dkey3[0]; - DES3_CRYP_KeyInitStructure.CRYP_Key3Right = dkey3[1]; - CRYP_KeyInit(&DES3_CRYP_KeyInitStructure); - - /* set iv */ - ByteReverseWords(iv, iv, DES_BLOCK_SIZE); - DES3_CRYP_IVInitStructure.CRYP_IV0Left = iv[0]; - DES3_CRYP_IVInitStructure.CRYP_IV0Right = iv[1]; - CRYP_IVInit(&DES3_CRYP_IVInitStructure); - - /* enable crypto processor */ - CRYP_Cmd(ENABLE); - - while (sz > 0) { - /* flush IN/OUT FIFOs */ - CRYP_FIFOFlush(); + word32 *dkey1, *dkey2, *dkey3, *iv; + CRYP_InitTypeDef DES3_CRYP_InitStructure; + CRYP_KeyInitTypeDef DES3_CRYP_KeyInitStructure; + CRYP_IVInitTypeDef DES3_CRYP_IVInitStructure; - CRYP_DataIn(*(uint32_t*)&in[0]); - CRYP_DataIn(*(uint32_t*)&in[4]); + dkey1 = des->key[0]; + dkey2 = des->key[1]; + dkey3 = des->key[2]; + iv = des->reg; - /* wait until the complete message has been processed */ - while(CRYP_GetFlagStatus(CRYP_FLAG_BUSY) != RESET) {} + /* crypto structure initialization */ + CRYP_KeyStructInit(&DES3_CRYP_KeyInitStructure); + CRYP_StructInit(&DES3_CRYP_InitStructure); + 
CRYP_IVStructInit(&DES3_CRYP_IVInitStructure); - *(uint32_t*)&out[0] = CRYP_DataOut(); - *(uint32_t*)&out[4] = CRYP_DataOut(); + /* reset registers to their default values */ + CRYP_DeInit(); - /* store iv for next call */ - XMEMCPY(des->reg, out + sz - DES_BLOCK_SIZE, DES_BLOCK_SIZE); + /* set direction, mode, and datatype */ + if (dir == DES_ENCRYPTION) { + DES3_CRYP_InitStructure.CRYP_AlgoDir = CRYP_AlgoDir_Encrypt; + } else { + DES3_CRYP_InitStructure.CRYP_AlgoDir = CRYP_AlgoDir_Decrypt; + } - sz -= DES_BLOCK_SIZE; - in += DES_BLOCK_SIZE; - out += DES_BLOCK_SIZE; + DES3_CRYP_InitStructure.CRYP_AlgoMode = CRYP_AlgoMode_TDES_CBC; + DES3_CRYP_InitStructure.CRYP_DataType = CRYP_DataType_8b; + CRYP_Init(&DES3_CRYP_InitStructure); + + /* load key into correct registers */ + DES3_CRYP_KeyInitStructure.CRYP_Key1Left = dkey1[0]; + DES3_CRYP_KeyInitStructure.CRYP_Key1Right = dkey1[1]; + DES3_CRYP_KeyInitStructure.CRYP_Key2Left = dkey2[0]; + DES3_CRYP_KeyInitStructure.CRYP_Key2Right = dkey2[1]; + DES3_CRYP_KeyInitStructure.CRYP_Key3Left = dkey3[0]; + DES3_CRYP_KeyInitStructure.CRYP_Key3Right = dkey3[1]; + CRYP_KeyInit(&DES3_CRYP_KeyInitStructure); + + /* set iv */ + ByteReverseWords(iv, iv, DES_BLOCK_SIZE); + DES3_CRYP_IVInitStructure.CRYP_IV0Left = iv[0]; + DES3_CRYP_IVInitStructure.CRYP_IV0Right = iv[1]; + CRYP_IVInit(&DES3_CRYP_IVInitStructure); + + /* enable crypto processor */ + CRYP_Cmd(ENABLE); + + while (sz > 0) + { + /* flush IN/OUT FIFOs */ + CRYP_FIFOFlush(); + + CRYP_DataIn(*(uint32_t*)&in[0]); + CRYP_DataIn(*(uint32_t*)&in[4]); + + /* wait until the complete message has been processed */ + while(CRYP_GetFlagStatus(CRYP_FLAG_BUSY) != RESET) {} + + *(uint32_t*)&out[0] = CRYP_DataOut(); + *(uint32_t*)&out[4] = CRYP_DataOut(); + + /* store iv for next call */ + XMEMCPY(des->reg, out + sz - DES_BLOCK_SIZE, DES_BLOCK_SIZE); + + sz -= DES_BLOCK_SIZE; + in += DES_BLOCK_SIZE; + out += DES_BLOCK_SIZE; + } + + /* disable crypto processor */ + CRYP_Cmd(DISABLE); } - - /* 
disable crypto processor */ - CRYP_Cmd(DISABLE); #endif /* WOLFSSL_STM32_CUBEMX */ } @@ -655,10 +666,13 @@ int wc_Des3_SetKey(Des3* des3, const byte* key, const byte* iv, int dir) { + if (des3 == NULL || key == NULL) { + return BAD_FUNC_ARG; + } - if(desBuffIn == NULL) { + if (desBuffIn == NULL) { #if defined (HAVE_THREADX) - int s1, s2, s3, s4, s5; + int s1, s2, s3, s4, s5; s5 = tx_byte_allocate(&mp_ncached,(void *)&secDesc, sizeof(SECdescriptorType), TX_NO_WAIT); s1 = tx_byte_allocate(&mp_ncached,(void *)&desBuffIn, DES_BUFFER_SIZE, TX_NO_WAIT); @@ -688,7 +702,13 @@ #include "fsl_ltc.h" int wc_Des_SetKey(Des* des, const byte* key, const byte* iv, int dir) { - byte* dkey = (byte*)des->key; + byte* dkey; + + if (des == NULL || key == NULL) { + return BAD_FUNC_ARG; + } + + dkey = (byte*)des->key; XMEMCPY(dkey, key, 8); @@ -792,7 +812,14 @@ int wc_Des_SetKey(Des* des, const byte* key, const byte* iv, int dir) { int i = 0; - byte* dkey = (byte*)des->key; + byte* dkey; + + + if (des == NULL || key == NULL) { + return BAD_FUNC_ARG; + } + + dkey = (byte*)des->key; XMEMCPY(dkey, key, 8); diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c index 7fd33ca03f..1c710c4e5f 100644 --- a/wolfcrypt/src/ecc.c +++ b/wolfcrypt/src/ecc.c @@ -4016,18 +4016,19 @@ static int wc_ecc_make_pub_ex(ecc_key* key, ecc_curve_spec* curveIn, } + if (err != MP_OKAY) { + } + else #ifdef WOLFSSL_HAVE_SP_ECC #ifndef WOLFSSL_SP_NO_256 if (key->idx != ECC_CUSTOM_IDX && ecc_sets[key->idx].id == ECC_SECP256R1) { - if (err == MP_OKAY) - err = sp_ecc_mulmod_base_256(&key->k, pub, 1, key->heap); + err = sp_ecc_mulmod_base_256(&key->k, pub, 1, key->heap); } else #endif #ifdef WOLFSSL_SP_384 if (key->idx != ECC_CUSTOM_IDX && ecc_sets[key->idx].id == ECC_SECP384R1) { - if (err == MP_OKAY) - err = sp_ecc_mulmod_base_384(&key->k, pub, 1, key->heap); + err = sp_ecc_mulmod_base_384(&key->k, pub, 1, key->heap); } else #endif 
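Review bot: The added `return BAD_FUNC_ARG;` sits in a function that the hunk's context lines declare as `static void Des3Crypt(...)`, so the STM32 build returns a value from a void function. Compilers diagnose that as a constraint violation, and the error can never reach a caller. Either change the signature to `static int Des3Crypt(Des3* des, byte* out, const byte* in, word32 sz, int dir)` with a final `return 0;` and have the callers propagate the result, or keep it void and use a bare `return;`. The callers are outside this hunk, so the choice depends on whether they already validate their arguments. The guard also leaves `sz` unchecked while both loops do `sz -= DES_BLOCK_SIZE` on an unsigned `word32`; rejecting a length that is not a multiple of `DES_BLOCK_SIZE` in the same check would keep the loop from wrapping.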
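Review bot: The empty `if (err != MP_OKAY) { } else` that now heads the `#ifdef WOLFSSL_HAVE_SP_ECC` chain in `wc_ecc_make_pub_ex` reads like an unfinished edit. A comment in the empty body, for example `/* err already set: skip the public key computation */`, would show that it exists only to make every following branch conditional on success. The function begins before this hunk and the chain continues after it.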
@@ -4038,11 +4039,9 @@ static int wc_ecc_make_pub_ex(ecc_key* key, ecc_curve_spec* curveIn, { mp_digit mp; - if (err == MP_OKAY) { - base = wc_ecc_new_point_h(key->heap); - if (base == NULL) - err = MEMORY_E; - } + base = wc_ecc_new_point_h(key->heap); + if (base == NULL) + err = MEMORY_E; /* read in the x/y for this key */ if (err == MP_OKAY) err = mp_copy(curve->Gx, base->x); @@ -6292,7 +6291,9 @@ int wc_ecc_import_point_der(byte* in, word32 inLen, const int curve_idx, ecc_point* point) { int err = 0; +#ifdef HAVE_COMP_KEY int compressed = 0; +#endif int keysize; byte pointType; @@ -6425,8 +6426,12 @@ int wc_ecc_import_point_der(byte* in, word32 inLen, const int curve_idx, } #endif - if (err == MP_OKAY && compressed == 0) - err = mp_read_unsigned_bin(point->y, (byte*)in + keysize, keysize); + if (err == MP_OKAY) { +#ifdef HAVE_COMP_KEY + if (compressed == 0) +#endif + err = mp_read_unsigned_bin(point->y, (byte*)in + keysize, keysize); + } if (err == MP_OKAY) err = mp_set(point->z, 1); @@ -7040,7 +7045,9 @@ int wc_ecc_import_x963_ex(const byte* in, word32 inLen, ecc_key* key, int curve_id) { int err = MP_OKAY; +#ifdef HAVE_COMP_KEY int compressed = 0; +#endif int keysize = 0; byte pointType; @@ -7092,9 +7099,11 @@ int wc_ecc_import_x963_ex(const byte* in, word32 inLen, ecc_key* key, #ifdef WOLFSSL_ATECC508A /* For SECP256R1 only save raw public key for hardware */ - if (curve_id == ECC_SECP256R1 && !compressed && - inLen <= sizeof(key->pubkey_raw)) { - XMEMCPY(key->pubkey_raw, (byte*)in, inLen); + if (curve_id == ECC_SECP256R1 && inLen <= sizeof(key->pubkey_raw)) { + #ifdef HAVE_COMP_KEY + if (!compressed) + #endif + XMEMCPY(key->pubkey_raw, (byte*)in, inLen); } #endif 
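Review bot: In `wc_ecc_import_point_der` the new `#ifdef HAVE_COMP_KEY` / `if (compressed == 0)` / `#endif` guards an unbraced statement, so what the `if` controls depends on whichever line follows the `#endif`. The `XMEMCPY(key->pubkey_raw, (byte*)in, inLen);` under `WOLFSSL_ATECC508A` in `wc_ecc_import_x963_ex` has the same shape. The later `wc_ecc_import_x963_ex` hunk that reads `pubkey.y` already wraps its statement in braces after the `#endif`. Doing the same here, `{ err = mp_read_unsigned_bin(point->y, (byte*)in + keysize, keysize); }`, keeps both build configurations structurally identical and protects against a later edit inserting a line in between. Both functions extend beyond their hunks.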
@@ -7195,8 +7204,15 @@ int wc_ecc_import_x963_ex(const byte* in, word32 inLen, ecc_key* key, } #endif /* HAVE_COMP_KEY */ - if (err == MP_OKAY && compressed == 0) - err = mp_read_unsigned_bin(key->pubkey.y, (byte*)in + keysize, keysize); + if (err == MP_OKAY) { + #ifdef HAVE_COMP_KEY + if (compressed == 0) + #endif + { + err = mp_read_unsigned_bin(key->pubkey.y, (byte*)in + keysize, + keysize); + } + } if (err == MP_OKAY) err = mp_set(key->pubkey.z, 1); @@ -7602,18 +7618,15 @@ int wc_ecc_sig_to_rs(const byte* sig, word32 sigLen, byte* r, word32* rLen, /* rtmp and stmp are initialized */ if (err == MP_OKAY) { tmp_valid = 1; - } - /* extract r */ - if (err == MP_OKAY) { + /* extract r */ x = mp_unsigned_bin_size(rtmp); if (*rLen < x) err = BUFFER_E; - - if (err == MP_OKAY) { - *rLen = x; - err = mp_to_unsigned_bin(rtmp, r); - } + } + if (err == MP_OKAY) { + *rLen = x; + err = mp_to_unsigned_bin(rtmp, r); } /* extract s */ @@ -7720,19 +7733,21 @@ static int wc_ecc_import_raw_private(ecc_key* key, const char* qx, keySz = (word32)key->dp->size; err = wc_export_int(key->pubkey.x, &key_raw[1], &keySz, keySz, WC_TYPE_UNSIGNED_BIN); - if (err == MP_OKAY) + if (err == MP_OKAY) { err = wc_export_int(key->pubkey.y, &key_raw[1+keySz], &keySz, keySz, WC_TYPE_UNSIGNED_BIN); + } + if (err == MP_OKAY) { + pDomain = CRYS_ECPKI_GetEcDomain(cc310_mapCurve(curve_id)); - pDomain = CRYS_ECPKI_GetEcDomain(cc310_mapCurve(curve_id)); - - /* create public key from external key buffer */ - err = CRYS_ECPKI_BuildPublKeyFullCheck(pDomain, - key_raw, - keySz*2 + 1, - &key->ctx.pubKey, - &tempBuff); + /* create public key from external key buffer */ + err = CRYS_ECPKI_BuildPublKeyFullCheck(pDomain, + key_raw, + keySz*2 + 1, + &key->ctx.pubKey, + &tempBuff); + } if (err != SA_SILIB_RET_OK){ WOLFSSL_MSG("CRYS_ECPKI_BuildPublKeyFullCheck failed"); 
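Review bot: In the CC310 branch of `wc_ecc_import_raw_private`, a failed `wc_export_int` now correctly skips the CryptoCell call, but it still falls into `if (err != SA_SILIB_RET_OK)` and logs `"CRYS_ECPKI_BuildPublKeyFullCheck failed"` for a call that never ran. That check also compares a wolfCrypt error code against a CryptoCell status constant, which only works if both success values are equal (presumably 0; not visible here). Logging the export failure on its own, e.g. `WOLFSSL_MSG("wc_export_int failed");` under an `if (err != MP_OKAY)` placed before the CRYS block, would keep the diagnostics accurate. The rest of the function lies outside the hunk.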
@@ -9077,10 +9092,8 @@ static int accel_fp_mul2add(int idx1, int idx2, mp)) != MP_OKAY) { break; } - } - /* add if not first, otherwise copy */ - if (!first) { + /* add if not first, otherwise copy */ if (zA) { if ((err = ecc_projective_add_point(R, fp_cache[idx1].LUT[zA], R, a, modulus, mp)) != MP_OKAY) { @@ -9278,11 +9291,10 @@ int ecc_mul2add(ecc_point* A, mp_int* kA, ++(fp_cache[idx1].lru_count); } - if (err == MP_OKAY) + if (err == MP_OKAY) { /* find point */ idx2 = find_base(B); - if (err == MP_OKAY) { /* no entry? */ if (idx2 == -1) { /* find hole and add it */ @@ -10475,8 +10487,9 @@ int wc_ecc_get_oid(word32 oidSum, const byte** oid, word32* oidSz) /* find matching OID sum (based on encoded value) */ for (x = 0; ecc_sets[x].size != 0; x++) { if (ecc_sets[x].oidSum == oidSum) { - int ret = 0; + int ret; #ifdef HAVE_OID_ENCODING + ret = 0; /* check cache */ oid_cache_t* o = &ecc_oid_cache[x]; if (o->oidSz == 0) { @@ -10490,6 +10503,10 @@ int wc_ecc_get_oid(word32 oidSum, const byte** oid, word32* oidSz) if (oid) { *oid = o->oid; } + /* on success return curve id */ + if (ret == 0) { + ret = ecc_sets[x].id; + } #else if (oidSz) { *oidSz = ecc_sets[x].oidSz; @@ -10497,11 +10514,8 @@ int wc_ecc_get_oid(word32 oidSum, const byte** oid, word32* oidSz) if (oid) { *oid = ecc_sets[x].oid; } + ret = ecc_sets[x].id; #endif - /* on success return curve id */ - if (ret == 0) { - ret = ecc_sets[x].id; - } return ret; } } diff --git a/wolfcrypt/src/ed25519.c b/wolfcrypt/src/ed25519.c index cdb6843dda..8057caa7c3 100644 --- a/wolfcrypt/src/ed25519.c +++ b/wolfcrypt/src/ed25519.c 
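Review bot: In the `HAVE_OID_ENCODING` branch of `wc_ecc_get_oid`, the new `ret = 0;` statement now precedes the declaration `oid_cache_t* o = &ecc_oid_cache[x];`, which puts a declaration after code in the same block. The benchmark.c comment elsewhere in this commit notes that the MDK5 compiler does not allow declarations after an executable statement, so this ordering may not build there. Moving the assignment below the declaration, i.e. `oid_cache_t* o = &ecc_oid_cache[x];` followed by `ret = 0;`, keeps the uninitialized-`ret` cleanup without the ordering problem.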
@@ -606,14 +606,15 @@ int wc_ed25519_import_public(const byte* in, word32 inLen, ed25519_key* key) key->pointY[i] = *(in + 2*ED25519_KEY_SIZE - i); } XMEMCPY(key->p, key->pointY, ED25519_KEY_SIZE); + key->pubKeySet = 1; ret = 0; #else /* pass in (x,y) and store compressed key */ ret = ge_compress_key(key->p, in+1, in+1+ED25519_PUB_KEY_SIZE, ED25519_PUB_KEY_SIZE); -#endif /* FREESCALE_LTC_ECC */ if (ret == 0) key->pubKeySet = 1; +#endif /* FREESCALE_LTC_ECC */ return ret; } diff --git a/wolfcrypt/src/evp.c b/wolfcrypt/src/evp.c index f08f45d2de..ef5de299e8 100644 --- a/wolfcrypt/src/evp.c +++ b/wolfcrypt/src/evp.c @@ -1841,10 +1841,11 @@ static int wolfSSL_evp_digest_pk_init(WOLFSSL_EVP_MD_CTX *ctx, else { int ret; - if (ctx->pctx == NULL) + if (ctx->pctx == NULL) { ctx->pctx = wolfSSL_EVP_PKEY_CTX_new(pkey, e); - if (ctx->pctx == NULL) - return WOLFSSL_FAILURE; + if (ctx->pctx == NULL) + return WOLFSSL_FAILURE; + } ret = wolfSSL_EVP_DigestInit(ctx, type); if (ret == WOLFSSL_SUCCESS && pctx != NULL) diff --git a/wolfcrypt/src/integer.c b/wolfcrypt/src/integer.c index b5300fb924..56d684b464 100644 --- a/wolfcrypt/src/integer.c +++ b/wolfcrypt/src/integer.c @@ -2230,7 +2230,7 @@ int mp_exptmod_base_2(mp_int * X, mp_int * P, mp_int * Y) #else mp_int res[1]; #endif - int (*redux)(mp_int*,mp_int*,mp_digit); + int (*redux)(mp_int*,mp_int*,mp_digit) = NULL; /* automatically pick the comba one if available (saves quite a few calls/ifs) */ diff --git a/wolfcrypt/src/pkcs12.c b/wolfcrypt/src/pkcs12.c index d9eb874d3c..8ae500417b 100644 --- a/wolfcrypt/src/pkcs12.c +++ b/wolfcrypt/src/pkcs12.c @@ -715,7 +715,7 @@ int wc_i2d_PKCS12(WC_PKCS12* pkcs12, byte** der, int* derSz) } /* Create the MAC portion */ - if ((ret == 0) && (pkcs12->signData != NULL)) { + if (pkcs12->signData != NULL) { MacData *mac = (MacData*)pkcs12->signData; word32 innerSz = 0; word32 outerSz = 0; diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c index 5169718699..e420cad377 100644 
--- a/wolfcrypt/src/pkcs7.c +++ b/wolfcrypt/src/pkcs7.c @@ -2507,8 +2507,9 @@ static int PKCS7_EncodeSigned(PKCS7* pkcs7, ESD* esd, * pkcs7->contentSz: Must be provided as actual sign of raw data * return codes: 0=success, negative=error */ -int wc_PKCS7_EncodeSignedData_ex(PKCS7* pkcs7, const byte* hashBuf, word32 hashSz, - byte* outputHead, word32* outputHeadSz, byte* outputFoot, word32* outputFootSz) +int wc_PKCS7_EncodeSignedData_ex(PKCS7* pkcs7, const byte* hashBuf, + word32 hashSz, byte* outputHead, word32* outputHeadSz, byte* outputFoot, + word32* outputFootSz) { int ret; #ifdef WOLFSSL_SMALL_STACK @@ -2691,10 +2692,9 @@ int wc_PKCS7_EncodeSignedFPD(PKCS7* pkcs7, byte* privateKey, ret = wc_PKCS7_EncodeSignedData(pkcs7, output, outputSz); if (ret <= 0) { WOLFSSL_MSG("Error encoding CMS SignedData content type"); - wc_FreeRng(&rng); - return ret; } + pkcs7->rng = NULL; wc_FreeRng(&rng); return ret; @@ -2802,14 +2802,11 @@ int wc_PKCS7_EncodeSignedEncryptedFPD(PKCS7* pkcs7, byte* encryptKey, ret = wc_PKCS7_EncodeSignedData(pkcs7, output, outputSz); if (ret <= 0) { WOLFSSL_MSG("Error encoding CMS SignedData content type"); - ForceZero(encrypted, encryptedSz); - XFREE(encrypted, pkcs7->heap, DYNAMIC_TYPE_PKCS7); - wc_FreeRng(&rng); - return ret; } ForceZero(encrypted, encryptedSz); XFREE(encrypted, pkcs7->heap, DYNAMIC_TYPE_PKCS7); + pkcs7->rng = NULL; wc_FreeRng(&rng); return ret; @@ -2903,14 +2900,11 @@ int wc_PKCS7_EncodeSignedCompressedFPD(PKCS7* pkcs7, byte* privateKey, ret = wc_PKCS7_EncodeSignedData(pkcs7, output, outputSz); if (ret <= 0) { WOLFSSL_MSG("Error encoding CMS SignedData content type"); - ForceZero(compressed, compressedSz); - XFREE(compressed, pkcs7->heap, DYNAMIC_TYPE_PKCS7); - wc_FreeRng(&rng); - return ret; } ForceZero(compressed, compressedSz); XFREE(compressed, pkcs7->heap, DYNAMIC_TYPE_PKCS7); + pkcs7->rng = NULL; wc_FreeRng(&rng); return ret; 
@@ -3042,14 +3036,11 @@ int wc_PKCS7_EncodeSignedEncryptedCompressedFPD(PKCS7* pkcs7, byte* encryptKey, ret = wc_PKCS7_EncodeSignedData(pkcs7, output, outputSz); if (ret <= 0) { WOLFSSL_MSG("Error encoding CMS SignedData content type"); - ForceZero(encrypted, encryptedSz); - XFREE(encrypted, pkcs7->heap, DYNAMIC_TYPE_PKCS7); - wc_FreeRng(&rng); - return ret; } ForceZero(encrypted, encryptedSz); XFREE(encrypted, pkcs7->heap, DYNAMIC_TYPE_PKCS7); + pkcs7->rng = NULL; wc_FreeRng(&rng); return ret; @@ -11161,10 +11152,8 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(PKCS7* pkcs7, byte* in, if (GetASNTag(pkiMsg, &localIdx, &tag, pkiMsgSz) == 0 && tag == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 0)) explicitOctet = 1; - } - /* read encryptedContent, cont[0] */ - if (ret == 0) { + /* read encryptedContent, cont[0] */ ret = GetASNTag(pkiMsg, &idx, &tag, pkiMsgSz); } @@ -12139,10 +12128,8 @@ int wc_PKCS7_DecodeEncryptedData(PKCS7* pkcs7, byte* in, word32 inSz, if (ret == 0) { XMEMCPY(encryptedContent, &pkiMsg[idx], encryptedContentSz); idx += encryptedContentSz; - } - /* decrypt encryptedContent */ - if (ret == 0) { + /* decrypt encryptedContent */ ret = wc_PKCS7_DecryptContent(pkcs7, encOID, pkcs7->encryptionKey, pkcs7->encryptionKeySz, tmpIv, expBlockSz, NULL, 0, NULL, 0, encryptedContent, diff --git a/wolfcrypt/src/port/Renesas/renesas_tsip_util.c b/wolfcrypt/src/port/Renesas/renesas_tsip_util.c index d87a0179bf..e3cd7ad249 100644 --- a/wolfcrypt/src/port/Renesas/renesas_tsip_util.c +++ b/wolfcrypt/src/port/Renesas/renesas_tsip_util.c 
@@ -429,23 +429,25 @@ int tsip_generateSeesionKey(struct WOLFSSL *ssl) dec = &ssl->decrypt; if (enc) { - if (enc->aes == NULL) + if (enc->aes == NULL) { enc->aes = (Aes*)XMALLOC(sizeof(Aes), ssl->heap, DYNAMIC_TYPE_CIPHER); - if (enc->aes == NULL) - return MEMORY_E; + if (enc->aes == NULL) + return MEMORY_E; + } XMEMSET(enc->aes, 0, sizeof(Aes)); } if (dec) { - if (dec->aes == NULL) + if (dec->aes == NULL) { dec->aes = (Aes*)XMALLOC(sizeof(Aes), ssl->heap, DYNAMIC_TYPE_CIPHER); - if (dec->aes == NULL) { - if (enc) { - XFREE(enc->aes, NULL, DYNAMIC_TYPE_CIPHER); + if (dec->aes == NULL) { + if (enc) { + XFREE(enc->aes, NULL, DYNAMIC_TYPE_CIPHER); + } + return MEMORY_E; } - return MEMORY_E; } XMEMSET(dec->aes, 0, sizeof(Aes)); diff --git a/wolfcrypt/src/port/intel/quickassist_sync.c b/wolfcrypt/src/port/intel/quickassist_sync.c index 1b9b883039..e03bca91f9 100644 --- a/wolfcrypt/src/port/intel/quickassist_sync.c +++ b/wolfcrypt/src/port/intel/quickassist_sync.c @@ -1628,7 +1628,7 @@ static void* _qaeMemAlloc(size_t size, void* heap, int type ptr = qaeMemAllocNUMA((Cpa32U)(size + sizeof(qaeMemHeader)), 0, alignment); } - else if (ptr == NULL) { + else { isNuma = 0; ptr = malloc(size + sizeof(qaeMemHeader)); } diff --git a/wolfcrypt/src/port/nxp/ksdk_port.c b/wolfcrypt/src/port/nxp/ksdk_port.c index f313a59ce9..a5cc737d77 100644 --- a/wolfcrypt/src/port/nxp/ksdk_port.c +++ b/wolfcrypt/src/port/nxp/ksdk_port.c @@ -828,7 +828,7 @@ int wc_ecc_point_add(ecc_point *mG, ecc_point *mQ, ecc_point *mR, mp_int *m) #if defined(HAVE_ED25519) || defined(HAVE_CURVE25519) /* Weierstrass parameters of prime 2^255 - 19 */ -static const uint8_t modbin[32] = { +static const uint8_t curve25519_modbin[32] = { 0xed, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f}; 
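Review bot: In tsip_generateSeesionKey the failure branch for `dec->aes` releases `enc->aes` with a NULL heap hint, although this function allocates it with `ssl->heap`, and it leaves `enc->aes` pointing at the freed block. With a custom or static-memory allocator the mismatched hint can hand the block back to the wrong pool, and a later cleanup of `ssl->encrypt` would free the same pointer again. I would change the free to `XFREE(enc->aes, ssl->heap, DYNAMIC_TYPE_CIPHER);` and follow it with `enc->aes = NULL;`. This branch also frees `enc->aes` when it was already set before the call rather than allocated here, which may not be what the owner of that object expects. The function continues outside the hunk.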
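Review bot: In _qaeMemAlloc both allocation calls add `sizeof(qaeMemHeader)` to `size` without a range check, and the NUMA call narrows the sum to `Cpa32U`. Unless `size` is bounded above the hunk, a very large request wraps or truncates and the caller receives a block smaller than it asked for. A guard ahead of the branch, for example `if (size > 0xFFFFFFFFu - sizeof(qaeMemHeader)) return NULL;` (or the function's existing failure path), would close that. The function starts and ends outside the hunk.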
@@ -838,7 +838,7 @@ static const uint8_t r2mod[32] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}; -/* invThree = ModInv(3,modbin) in LSB first */ +/* invThree = ModInv(3,curve25519_modbin) in LSB first */ static const uint8_t invThree[32] = { 0x49, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, @@ -868,10 +868,10 @@ status_t LTC_PKHA_Prime25519SquareRootMod(const uint8_t *A, size_t sizeA, 0xfd, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x0f}; - uint8_t twoA[sizeof(modbin)] = {0}; - uint8_t V[sizeof(modbin)] = {0}; - uint8_t I[sizeof(modbin)] = {0}; - uint8_t VV[sizeof(modbin)] = {0}; + uint8_t twoA[sizeof(curve25519_modbin)] = {0}; + uint8_t V[sizeof(curve25519_modbin)] = {0}; + uint8_t I[sizeof(curve25519_modbin)] = {0}; + uint8_t VV[sizeof(curve25519_modbin)] = {0}; uint16_t szTwoA = 0; uint16_t szV = 0; uint16_t szVV = 0; 
@@ -880,32 +880,32 @@ status_t LTC_PKHA_Prime25519SquareRootMod(const uint8_t *A, size_t sizeA, uint8_t one = 1; /* twoA = 2*A % p */ - status = LTC_PKHA_ModAdd(LTC_BASE, A, sizeA, A, sizeA, modbin, - sizeof(modbin), twoA, &szTwoA, kLTC_PKHA_IntegerArith); + status = LTC_PKHA_ModAdd(LTC_BASE, A, sizeA, A, sizeA, curve25519_modbin, + sizeof(curve25519_modbin), twoA, &szTwoA, kLTC_PKHA_IntegerArith); /* V = ModularArithmetic.powmod(twoA, (p-5)/8, p) */ if (status == kStatus_Success) { status = - LTC_PKHA_ModExp(LTC_BASE, twoA, szTwoA, modbin, sizeof(modbin), - curve25519_param, sizeof(curve25519_param), V, &szV, - kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, - kLTC_PKHA_TimingEqualized); + LTC_PKHA_ModExp(LTC_BASE, twoA, szTwoA, curve25519_modbin, + sizeof(curve25519_modbin), curve25519_param, + sizeof(curve25519_param), V, &szV, kLTC_PKHA_IntegerArith, + kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized); } /* VV = V*V % p */ if (status == kStatus_Success) { - status = LTC_PKHA_ModMul(LTC_BASE, V, szV, V, szV, modbin, - sizeof(modbin), VV, &szVV, kLTC_PKHA_IntegerArith, + status = LTC_PKHA_ModMul(LTC_BASE, V, szV, V, szV, curve25519_modbin, + sizeof(curve25519_modbin), VV, &szVV, kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized); } /* I = twoA * VV = 2*A*V*V % p */ if (status == kStatus_Success) { - status = LTC_PKHA_ModMul(LTC_BASE, twoA, szTwoA, VV, szVV, modbin, - sizeof(modbin), I, &szI, kLTC_PKHA_IntegerArith, - kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue, - kLTC_PKHA_TimingEqualized); + status = LTC_PKHA_ModMul(LTC_BASE, twoA, szTwoA, VV, szVV, + curve25519_modbin, sizeof(curve25519_modbin), I, &szI, + kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, + kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized); } /* I = I - 1 */ 
@@ -918,23 +918,24 @@ status_t LTC_PKHA_Prime25519SquareRootMod(const uint8_t *A, size_t sizeA, } else { if (status == kStatus_Success) { - status = LTC_PKHA_ModSub1(LTC_BASE, modbin, sizeof(modbin), &one, - sizeof(one), VV, sizeof(VV), I, &szI); + status = LTC_PKHA_ModSub1(LTC_BASE, curve25519_modbin, + sizeof(curve25519_modbin), &one, sizeof(one), VV, sizeof(VV), I, + &szI); } } /* res = a*v mod p */ - status = LTC_PKHA_ModMul(LTC_BASE, A, sizeA, V, szV, modbin, - sizeof(modbin), res, &szRes16, kLTC_PKHA_IntegerArith, + status = LTC_PKHA_ModMul(LTC_BASE, A, sizeA, V, szV, curve25519_modbin, + sizeof(curve25519_modbin), res, &szRes16, kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized); /* res = res * (i-1) mod p */ if (status == kStatus_Success) { - status = LTC_PKHA_ModMul(LTC_BASE, res, szRes16, I, szI, modbin, - sizeof(modbin), res, &szRes16, kLTC_PKHA_IntegerArith, - kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue, - kLTC_PKHA_TimingEqualized); + status = LTC_PKHA_ModMul(LTC_BASE, res, szRes16, I, szI, + curve25519_modbin, sizeof(curve25519_modbin), res, &szRes16, + kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, + kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized); } /* if X mod 2 != X_0 then we need the -X @@ -944,8 +945,9 @@ status_t LTC_PKHA_Prime25519SquareRootMod(const uint8_t *A, size_t sizeA, if ((status == kStatus_Success) && ((bool)sign != (bool)(res[0] & 0x01u))) { - status = LTC_PKHA_ModSub1(LTC_BASE, modbin, sizeof(modbin), res, - szRes16, VV, sizeof(VV), res, &szRes16); /* -a = p - a */ + status = LTC_PKHA_ModSub1(LTC_BASE, curve25519_modbin, + sizeof(curve25519_modbin), res, szRes16, VV, sizeof(VV), res, + &szRes16); /* -a = p - a */ } if (status == kStatus_Success) { 
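Review bot: In LTC_PKHA_Prime25519SquareRootMod the call under `/* res = a*v mod p */` assigns `status` unconditionally, so a failure reported by the earlier ModExp, ModMul or ModSub1 steps is overwritten. The function can then return success with `res` computed from zeroed or partial intermediates (`V`, `I`). The later steps in this function are each wrapped in `if (status == kStatus_Success) { ... }`, and this call should get the same guard. A masked accelerator error here would show up as a wrong square root rather than as an error code, which is the harder failure to detect in the point-handling code that depends on it. The function starts and ends outside the hunk.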
@@ -977,13 +979,13 @@ const ECPoint *wc_curve25519_GetBasePoint(void) return &ecBasePoint; } -static const uint8_t aCurveParam[CURVE25519_KEYSIZE] = { +static const uint8_t curve25519_aCurveParam[CURVE25519_KEYSIZE] = { 0x44, 0xa1, 0x14, 0x49, 0x98, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0x2a}; -static const uint8_t bCurveParam[CURVE25519_KEYSIZE] = { +static const uint8_t curve_bCurveParam[CURVE25519_KEYSIZE] = { 0x64, 0xc8, 0x10, 0x77, 0x9c, 0x5e, 0x0b, 0x26, 0xb4, 0x97, 0xd0, 0x5e, 0x42, 0x7b, 0x09, 0xed, 0x25, 0xb4, 0x97, 0xd0, 0x5e, 0x42, 0x7b, 0x09, 0xed, 0x25, 0xb4, @@ -1001,8 +1003,8 @@ status_t LTC_PKHA_Curve25519ToWeierstrass( uint16_t sizeRes = 0; status_t status; status = LTC_PKHA_ModAdd(LTC_BASE, ltcPointIn->X, CURVE25519_KEYSIZE, - offset, sizeof(offset), modbin, CURVE25519_KEYSIZE, ltcPointOut->X, - &sizeRes, kLTC_PKHA_IntegerArith); + offset, sizeof(offset), curve25519_modbin, CURVE25519_KEYSIZE, + ltcPointOut->X, &sizeRes, kLTC_PKHA_IntegerArith); if (status == kStatus_Success) { if (ltcPointOut->Y != ltcPointIn->Y) { 
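Review bot: The rename in this hunk declares `curve_bCurveParam`, but the call in wc_curve25519 (hunk `@@ -1133,11 +1141,12 @@`) passes `curve25519_bCurveParam`. Unless another declaration exists outside the visible hunks, that name is undeclared and the file will not build. The sibling array became `curve25519_aCurveParam`, so the declaration should read `static const uint8_t curve25519_bCurveParam[CURVE25519_KEYSIZE] = {`. This code appears to sit under `#if defined(HAVE_ED25519) || defined(HAVE_CURVE25519)` in a port-specific file, so a default build will not catch it; a build of this port with Curve25519 enabled is needed to confirm the rename is complete.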
@@ -1022,25 +1024,28 @@ status_t LTC_PKHA_WeierstrassToCurve25519( const uint8_t three = 0x03; status = LTC_PKHA_ModMul(LTC_BASE, &three, sizeof(three), ltcPointIn->X, - CURVE25519_KEYSIZE, modbin, CURVE25519_KEYSIZE, ltcPointOut->X, - &resultSize, kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, - kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized); + CURVE25519_KEYSIZE, curve25519_modbin, CURVE25519_KEYSIZE, + ltcPointOut->X, &resultSize, kLTC_PKHA_IntegerArith, + kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue, + kLTC_PKHA_TimingEqualized); if (status == kStatus_Success) { const uint8_t A[] = {0x06, 0x6d, 0x07}; if (LTC_PKHA_CompareBigNum(ltcPointOut->X, resultSize, A, sizeof(A))) { status = LTC_PKHA_ModSub1(LTC_BASE, ltcPointOut->X, resultSize, A, - sizeof(A), modbin, CURVE25519_KEYSIZE, ltcPointOut->X, &resultSize); + sizeof(A), curve25519_modbin, CURVE25519_KEYSIZE, + ltcPointOut->X, &resultSize); } else { status = LTC_PKHA_ModSub2(LTC_BASE, ltcPointOut->X, resultSize, A, - sizeof(A), modbin, CURVE25519_KEYSIZE, ltcPointOut->X, &resultSize); + sizeof(A), curve25519_modbin, CURVE25519_KEYSIZE, + ltcPointOut->X, &resultSize); } } if (status == kStatus_Success) { status = LTC_PKHA_ModMul(LTC_BASE, invThree, CURVE25519_KEYSIZE, - ltcPointOut->X, resultSize, modbin, CURVE25519_KEYSIZE, + ltcPointOut->X, resultSize, curve25519_modbin, CURVE25519_KEYSIZE, ltcPointOut->X, &resultSize, kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized); 
@@ -1068,37 +1073,40 @@ status_t LTC_PKHA_Curve25519ComputeY(ltc_pkha_ecc_point_t *ltcPoint) status_t status; /* X^3 */ - status = LTC_PKHA_ModExp(LTC_BASE, ltcPoint->X, CURVE25519_KEYSIZE, modbin, - CURVE25519_KEYSIZE, &three, 1, U, &sizeU, kLTC_PKHA_IntegerArith, - kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized); + status = LTC_PKHA_ModExp(LTC_BASE, ltcPoint->X, CURVE25519_KEYSIZE, + curve25519_modbin, CURVE25519_KEYSIZE, &three, 1, U, &sizeU, + kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, + kLTC_PKHA_TimingEqualized); /* X^2 */ if (status == kStatus_Success) { status = LTC_PKHA_ModMul(LTC_BASE, ltcPoint->X, CURVE25519_KEYSIZE, - ltcPoint->X, CURVE25519_KEYSIZE, modbin, CURVE25519_KEYSIZE, X2, - &sizeX2, kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, - kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized); - } - - /* 486662*X^2 */ - if (status == kStatus_Success) { - status = LTC_PKHA_ModMul(LTC_BASE, A, sizeof(A), X2, sizeX2, modbin, + ltcPoint->X, CURVE25519_KEYSIZE, curve25519_modbin, CURVE25519_KEYSIZE, X2, &sizeX2, kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized); } + /* 486662*X^2 */ + if (status == kStatus_Success) { + status = LTC_PKHA_ModMul(LTC_BASE, A, sizeof(A), X2, sizeX2, + curve25519_modbin, CURVE25519_KEYSIZE, X2, &sizeX2, + kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, + kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized); + } + /* X^3 + 486662*X^2 */ if (status == kStatus_Success) { - status = LTC_PKHA_ModAdd(LTC_BASE, U, sizeU, X2, sizeX2, modbin, - CURVE25519_KEYSIZE, U, &sizeU, kLTC_PKHA_IntegerArith); + status = LTC_PKHA_ModAdd(LTC_BASE, U, sizeU, X2, sizeX2, + curve25519_modbin, CURVE25519_KEYSIZE, U, &sizeU, + kLTC_PKHA_IntegerArith); } /* U = X^3 + 486662*X^2 + X */ if (status == kStatus_Success) { status = LTC_PKHA_ModAdd(LTC_BASE, U, sizeU, ltcPoint->X, - CURVE25519_KEYSIZE, modbin, CURVE25519_KEYSIZE, U, &sizeU, - kLTC_PKHA_IntegerArith); + CURVE25519_KEYSIZE, curve25519_modbin, 
CURVE25519_KEYSIZE, U, + &sizeU, kLTC_PKHA_IntegerArith); } /* Y = modular square root of U (U is Y^2) */ @@ -1133,11 +1141,12 @@ int wc_curve25519(ECPoint *q, byte *n, const ECPoint *p, fsl_ltc_ecc_coordinate_ ltcPointOut.X = &q->point[0]; ltcPointOut.Y = &q->pointY[0]; - /* modbin, r2mod, aCurveParam, bCurveParam are Weierstrass equivalent - with Curve25519 */ + /* curve25519_modbin, r2mod, curve25519_aCurveParam, curve25519_bCurveParam + * are Weierstrass equivalent with Curve25519 */ status = LTC_PKHA_ECC_PointMul(LTC_BASE, <cPoint, n, CURVE25519_KEYSIZE, - modbin, r2mod, aCurveParam, bCurveParam, CURVE25519_KEYSIZE, - kLTC_PKHA_TimingEqualized, kLTC_PKHA_IntegerArith, <cPointOut, NULL); + curve25519_modbin, r2mod, curve25519_aCurveParam, + curve25519_bCurveParam, CURVE25519_KEYSIZE, kLTC_PKHA_TimingEqualized, + kLTC_PKHA_IntegerArith, <cPointOut, NULL); /* now need to map from Weierstrass form to Montgomery form */ if (status == kStatus_Success) { @@ -1243,9 +1252,10 @@ status_t LTC_PKHA_Ed25519_PointMul(const ltc_pkha_ecc_point_t *ltcPointIn, status_t status; /* input on W, output in W, W parameters of ECC curve are Ed25519 curve parameters mapped to Weierstrass curve */ - status = LTC_PKHA_ECC_PointMul(LTC_BASE, ltcPointIn, N, szN, modbin, - r2mod, a_coefEd25519, b_coefEd25519, ED25519_KEY_SIZE, - kLTC_PKHA_TimingEqualized, kLTC_PKHA_IntegerArith, ltcPointOut, NULL); + status = LTC_PKHA_ECC_PointMul(LTC_BASE, ltcPointIn, N, szN, + curve25519_modbin, r2mod, a_coefEd25519, b_coefEd25519, + ED25519_KEY_SIZE, kLTC_PKHA_TimingEqualized, kLTC_PKHA_IntegerArith, + ltcPointOut, NULL); /* Weierstrass coordinates to Ed25519 coordinates */ if ((status == kStatus_Success) && (typeOut == kLTC_Ed25519)) { 
@@ -1292,71 +1302,75 @@ status_t LTC_PKHA_Ed25519ToWeierstrass(const ltc_pkha_ecc_point_t *ltcPointIn, /* temp = 1 + Ey */ status = LTC_PKHA_ModAdd(LTC_BASE, Ey, ED25519_KEY_SIZE, &one, sizeof(one), - modbin, sizeof(modbin), temp, &szTemp, kLTC_PKHA_IntegerArith); + curve25519_modbin, sizeof(curve25519_modbin), temp, &szTemp, + kLTC_PKHA_IntegerArith); /* temp2 = 1 - Ey = 1 + (p - Ey) */ if (status == kStatus_Success) { - status = LTC_PKHA_ModSub1(LTC_BASE, modbin, sizeof(modbin), Ey, - ED25519_KEY_SIZE, max, sizeof(max), temp2, &szTemp2); + status = LTC_PKHA_ModSub1(LTC_BASE, curve25519_modbin, + sizeof(curve25519_modbin), Ey, ED25519_KEY_SIZE, max, sizeof(max), + temp2, &szTemp2); } if (status == kStatus_Success) { status = LTC_PKHA_ModAdd(LTC_BASE, temp2, szTemp2, &one, sizeof(one), - modbin, sizeof(modbin), temp2, &szTemp2, kLTC_PKHA_IntegerArith); + curve25519_modbin, sizeof(curve25519_modbin), temp2, &szTemp2, + kLTC_PKHA_IntegerArith); } /* Mx = ModInv(temp2,prime) */ if (status == kStatus_Success) { - status = LTC_PKHA_ModInv(LTC_BASE, temp2, szTemp2, modbin, - sizeof(modbin), Mx, &szMx, kLTC_PKHA_IntegerArith); + status = LTC_PKHA_ModInv(LTC_BASE, temp2, szTemp2, curve25519_modbin, + sizeof(curve25519_modbin), Mx, &szMx, kLTC_PKHA_IntegerArith); } /* Mx = Mx * temp */ if (status == kStatus_Success) { - status = LTC_PKHA_ModMul(LTC_BASE, Mx, szMx, temp, szTemp, modbin, - ED25519_KEY_SIZE, Mx, &szMx, kLTC_PKHA_IntegerArith, - kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue, - kLTC_PKHA_TimingEqualized); + status = LTC_PKHA_ModMul(LTC_BASE, Mx, szMx, temp, szTemp, + curve25519_modbin, ED25519_KEY_SIZE, Mx, &szMx, + kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, + kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized); } /* My = temp2 * Ex */ if (status == kStatus_Success) { status = LTC_PKHA_ModMul(LTC_BASE, Ex, ED25519_KEY_SIZE, temp2, - szTemp2, modbin, ED25519_KEY_SIZE, My, &szMy, + szTemp2, curve25519_modbin, ED25519_KEY_SIZE, My, &szMy, kLTC_PKHA_IntegerArith, 
kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized); } /* My = ModInv(My, prime) */ if (status == kStatus_Success) { - status = LTC_PKHA_ModInv(LTC_BASE, My, szMy, modbin, sizeof(modbin), - My, &szMy, kLTC_PKHA_IntegerArith); + status = LTC_PKHA_ModInv(LTC_BASE, My, szMy, curve25519_modbin, + sizeof(curve25519_modbin), My, &szMy, kLTC_PKHA_IntegerArith); } /* My = My * temp */ if (status == kStatus_Success) { - status = LTC_PKHA_ModMul(LTC_BASE, My, szMy, temp, szTemp, modbin, - ED25519_KEY_SIZE, My, &szMy, kLTC_PKHA_IntegerArith, - kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue, - kLTC_PKHA_TimingEqualized); + status = LTC_PKHA_ModMul(LTC_BASE, My, szMy, temp, szTemp, + curve25519_modbin, ED25519_KEY_SIZE, My, &szMy, + kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, + kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized); } /* Gx = Mx * invB_coefEd25519 + A_mul_invThreeB_coefEd25519 */ if (status == kStatus_Success) { status = LTC_PKHA_ModMul(LTC_BASE, Mx, szMx, invB_coefEd25519, - sizeof(invB_coefEd25519), modbin, ED25519_KEY_SIZE, Gx, &szGx, - kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, + sizeof(invB_coefEd25519), curve25519_modbin, ED25519_KEY_SIZE, Gx, + &szGx, kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized); } if (status == kStatus_Success) { status = LTC_PKHA_ModAdd(LTC_BASE, Gx, szGx, A_mul_invThreeB_coefEd25519, sizeof(A_mul_invThreeB_coefEd25519), - modbin, sizeof(modbin), Gx, &szGx, kLTC_PKHA_IntegerArith); + curve25519_modbin, sizeof(curve25519_modbin), Gx, &szGx, + kLTC_PKHA_IntegerArith); } /* Gy = My * invB_coefEd25519 */ if (status == kStatus_Success) { status = LTC_PKHA_ModMul(LTC_BASE, My, szMy, invB_coefEd25519, - sizeof(invB_coefEd25519), modbin, ED25519_KEY_SIZE, Gy, &szGy, - kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, + sizeof(invB_coefEd25519), curve25519_modbin, ED25519_KEY_SIZE, Gy, + &szGy, kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue, 
kLTC_PKHA_TimingEqualized); } @@ -1395,14 +1409,14 @@ status_t LTC_PKHA_WeierstrassToEd25519(const ltc_pkha_ecc_point_t *ltcPointIn, /* My = (B*Gy) % prime */ status = LTC_PKHA_ModMul(LTC_BASE, B_coefEd25519, sizeof(B_coefEd25519), - Gy, ED25519_KEY_SIZE, modbin, ED25519_KEY_SIZE, My, &szMy, + Gy, ED25519_KEY_SIZE, curve25519_modbin, ED25519_KEY_SIZE, My, &szMy, kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized); /* temp = 3*B*Gx mod p */ if (status == kStatus_Success) { status = LTC_PKHA_ModMul(LTC_BASE, threeB_coefEd25519, - sizeof(threeB_coefEd25519), Gx, ED25519_KEY_SIZE, modbin, + sizeof(threeB_coefEd25519), Gx, ED25519_KEY_SIZE, curve25519_modbin, ED25519_KEY_SIZE, temp, &szTemp, kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized); 
@@ -1410,57 +1424,58 @@ status_t LTC_PKHA_WeierstrassToEd25519(const ltc_pkha_ecc_point_t *ltcPointIn, /* temp = (temp - A) mod p */ if (status == kStatus_Success) { status = LTC_PKHA_ModAdd(LTC_BASE, temp, szTemp, minus_A_coefEd25519, - sizeof(minus_A_coefEd25519), modbin, sizeof(modbin), temp, &szTemp, - kLTC_PKHA_IntegerArith); + sizeof(minus_A_coefEd25519), curve25519_modbin, + sizeof(curve25519_modbin), temp, &szTemp, kLTC_PKHA_IntegerArith); } /* Mx = (temp/3) mod p */ if (status == kStatus_Success) { status = LTC_PKHA_ModMul(LTC_BASE, temp, szTemp, invThree, - sizeof(invThree), modbin, sizeof(modbin), Mx, &szMx, - kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, - kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized); + sizeof(invThree), curve25519_modbin, sizeof(curve25519_modbin), Mx, + &szMx, kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, + kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized); } /* temp = 1/My mod p */ if (status == kStatus_Success) { - status = LTC_PKHA_ModInv(LTC_BASE, My, szMy, modbin, sizeof(modbin), - temp, &szTemp, kLTC_PKHA_IntegerArith); + status = LTC_PKHA_ModInv(LTC_BASE, My, szMy, curve25519_modbin, + sizeof(curve25519_modbin), temp, &szTemp, kLTC_PKHA_IntegerArith); } /* Ex = Mx * temp mod p */ if (status == kStatus_Success) { - status = LTC_PKHA_ModMul(LTC_BASE, temp, szTemp, Mx, szMx, modbin, - sizeof(modbin), Ex, &szEx, kLTC_PKHA_IntegerArith, - kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue, - kLTC_PKHA_TimingEqualized); + status = LTC_PKHA_ModMul(LTC_BASE, temp, szTemp, Mx, szMx, + curve25519_modbin, sizeof(curve25519_modbin), Ex, &szEx, + kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, + kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized); } /* temp = Mx + 1 mod p */ if (status == kStatus_Success) { status = LTC_PKHA_ModAdd(LTC_BASE, Mx, szMx, &one, sizeof(one), - modbin, sizeof(modbin), temp, &szTemp, kLTC_PKHA_IntegerArith); + curve25519_modbin, sizeof(curve25519_modbin), temp, &szTemp, + kLTC_PKHA_IntegerArith); } /* temp = 1/temp 
mod p */ if (status == kStatus_Success) { - status = LTC_PKHA_ModInv(LTC_BASE, temp, szTemp, modbin, - sizeof(modbin), temp, &szTemp, kLTC_PKHA_IntegerArith); + status = LTC_PKHA_ModInv(LTC_BASE, temp, szTemp, curve25519_modbin, + sizeof(curve25519_modbin), temp, &szTemp, kLTC_PKHA_IntegerArith); } /* Mx = (Mx - 1) mod p */ if (status == kStatus_Success) { if (LTC_PKHA_CompareBigNum(Mx, szMx, &one, sizeof(one)) >= 0) { status = LTC_PKHA_ModSub1(LTC_BASE, Mx, szMx, &one, sizeof(one), - modbin, sizeof(modbin), Mx, &szMx); + curve25519_modbin, sizeof(curve25519_modbin), Mx, &szMx); } else { /* Mx is zero, so it is modulus, thus we do modulus - 1 */ - XMEMCPY(Mx, modbin, sizeof(modbin)); + XMEMCPY(Mx, curve25519_modbin, sizeof(curve25519_modbin)); Mx[0]--; } } /* Ey = Mx * temp mod p */ if (status == kStatus_Success) { - status = LTC_PKHA_ModMul(LTC_BASE, temp, szTemp, Mx, szMx, modbin, - sizeof(modbin), Ey, &szEy, kLTC_PKHA_IntegerArith, - kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue, - kLTC_PKHA_TimingEqualized); + status = LTC_PKHA_ModMul(LTC_BASE, temp, szTemp, Mx, szMx, + curve25519_modbin, sizeof(curve25519_modbin), Ey, &szEy, + kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, + kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized); } return status; @@ -1494,7 +1509,7 @@ status_t LTC_PKHA_Ed25519_PointDecompress(const uint8_t *pubkey, /* U = y * y mod p */ status = LTC_PKHA_ModMul(LTC_BASE, Y, ED25519_KEY_SIZE, Y, - ED25519_KEY_SIZE, modbin, ED25519_KEY_SIZE, U, &szU, + ED25519_KEY_SIZE, curve25519_modbin, ED25519_KEY_SIZE, U, &szU, kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized); XMEMCPY(V, U, szU); 
@@ -1504,11 +1519,11 @@ status_t LTC_PKHA_Ed25519_PointDecompress(const uint8_t *pubkey, if (status == kStatus_Success) { if (LTC_PKHA_CompareBigNum(U, szU, &one, sizeof(one)) >= 0) { status = LTC_PKHA_ModSub1(LTC_BASE, U, szU, &one, sizeof(one), - modbin, sizeof(modbin), U, &szU); + curve25519_modbin, sizeof(curve25519_modbin), U, &szU); } else { /* U is zero, so it is modulus, thus we do modulus - 1 */ - XMEMCPY(U, modbin, sizeof(modbin)); + XMEMCPY(U, curve25519_modbin, sizeof(curve25519_modbin)); U[0]--; } } @@ -1516,23 +1531,24 @@ status_t LTC_PKHA_Ed25519_PointDecompress(const uint8_t *pubkey, /* V = d*y*y + 1 */ if (status == kStatus_Success) { status = LTC_PKHA_ModMul(LTC_BASE, V, szV, d_coefEd25519, - ED25519_KEY_SIZE, modbin, ED25519_KEY_SIZE, V, &szV, + ED25519_KEY_SIZE, curve25519_modbin, ED25519_KEY_SIZE, V, &szV, kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized); } if (status == kStatus_Success) { status = LTC_PKHA_ModAdd(LTC_BASE, V, szV, &one, sizeof(one), - modbin, sizeof(modbin), V, &szV, kLTC_PKHA_IntegerArith); + curve25519_modbin, sizeof(curve25519_modbin), V, &szV, + kLTC_PKHA_IntegerArith); } /* U = U / V (mod p) */ if (status == kStatus_Success) { - status = LTC_PKHA_ModInv(LTC_BASE, V, szV, modbin, sizeof(modbin), - V, &szV, kLTC_PKHA_IntegerArith); + status = LTC_PKHA_ModInv(LTC_BASE, V, szV, curve25519_modbin, + sizeof(curve25519_modbin), V, &szV, kLTC_PKHA_IntegerArith); } if (status == kStatus_Success) { - status = LTC_PKHA_ModMul(LTC_BASE, V, szV, U, szU, modbin, + status = LTC_PKHA_ModMul(LTC_BASE, V, szV, U, szU, curve25519_modbin, ED25519_KEY_SIZE, U, &szU, kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized); 
@@ -1669,13 +1685,14 @@ status_t LTC_PKHA_SignatureForVerify(uint8_t *rcheck, const unsigned char *a, /* R = b*B - a*A */ if (status == kStatus_Success) { - status = LTC_PKHA_ModSub1(LTC_BASE, modbin, sizeof(modbin), ltc1.Y, - szY, max, sizeof(max), ltc1.Y, &szY); + status = LTC_PKHA_ModSub1(LTC_BASE, curve25519_modbin, + sizeof(curve25519_modbin), ltc1.Y, szY, max, sizeof(max), ltc1.Y, + &szY); } if (status == kStatus_Success) { - status = LTC_PKHA_ECC_PointAdd(LTC_BASE, <c0, <c1, modbin, r2mod, - a_coefEd25519, b_coefEd25519, ED25519_KEY_SIZE, - kLTC_PKHA_IntegerArith, <c0); + status = LTC_PKHA_ECC_PointAdd(LTC_BASE, <c0, <c1, + curve25519_modbin, r2mod, a_coefEd25519, b_coefEd25519, + ED25519_KEY_SIZE, kLTC_PKHA_IntegerArith, <c0); } /* map to Ed25519 */ if (status == kStatus_Success) { diff --git a/wolfcrypt/src/rsa.c b/wolfcrypt/src/rsa.c index 3ed26f3ef8..78dfd39781 100644 --- a/wolfcrypt/src/rsa.c +++ b/wolfcrypt/src/rsa.c @@ -1728,7 +1728,7 @@ static int wc_RsaFunctionXil(const byte* in, word32 inLen, byte* out, word32* outLen, int type, RsaKey* key, WC_RNG* rng) { int ret = 0; - word32 keyLen, len; + word32 keyLen; (void)rng; keyLen = wc_RsaEncryptSize(key); diff --git a/wolfcrypt/src/sp_arm32.c b/wolfcrypt/src/sp_arm32.c index bcb81990de..986ca9ddab 100644 --- a/wolfcrypt/src/sp_arm32.c +++ b/wolfcrypt/src/sp_arm32.c 
@@ -7489,6 +7489,63 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, mp_int* em, mp_int* mm, return err; } +#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM) + sp_digit* a; + sp_digit* d = NULL; + sp_digit* m; + sp_digit* r; + int err = MP_OKAY; + + (void)pm; + (void)qm; + (void)dpm; + (void)dqm; + (void)qim; + + if (*outLen < 256U) { + err = MP_TO_E; + } + if (err == MP_OKAY) { + if (mp_count_bits(dm) > 2048) { + err = MP_READ_E; + } + if (inLen > 256) { + err = MP_READ_E; + } + if (mp_count_bits(mm) != 2048) { + err = MP_READ_E; + } + } + + if (err == MP_OKAY) { + d = (sp_digit*)XMALLOC(sizeof(sp_digit) * 64 * 4, NULL, + DYNAMIC_TYPE_RSA); + if (d == NULL) { + err = MEMORY_E; + } + } + if (err == MP_OKAY) { + a = d + 64; + m = a + 128; + r = a; + + sp_2048_from_bin(a, 64, in, inLen); + sp_2048_from_mp(d, 64, dm); + sp_2048_from_mp(m, 64, mm); + err = sp_2048_mod_exp_64(r, a, d, 2048, m, 0); + } + if (err == MP_OKAY) { + sp_2048_to_bin(r, out); + *outLen = 256; + } + + if (d != NULL) { + XMEMSET(d, 0, sizeof(sp_digit) * 64); + XFREE(d, NULL, DYNAMIC_TYPE_RSA); + } + + return err; +#else #ifndef WOLFSSL_RSA_PUBLIC_ONLY /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. @@ -7816,6 +7873,7 @@ int sp_RsaPrivate_2048(const byte* in, word32 inLen, mp_int* dm, return err; } #endif /* WOLFSSL_RSA_PUBLIC_ONLY */ +#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */ #endif /* WOLFSSL_HAVE_SP_RSA */ #if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \ !defined(WOLFSSL_RSA_PUBLIC_ONLY)) 
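Review bot: As shown in this hunk, the block added under `#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)` sits at file scope, between the closing brace of sp_RsaPublic_2048 and `#ifndef WOLFSSL_RSA_PUBLIC_ONLY`, although it is a function body that uses sp_RsaPrivate_2048's parameters (`dm`, `pm`, `in`, `out`, `outLen`). With either macro defined this should not compile, and the `#else` also compiles out sp_RsaPrivate_2048 itself, whose `#endif` is added in the next hunk. The conditional belongs inside sp_RsaPrivate_2048, directly after its opening brace, with the `#endif` just before its closing brace. The same placement recurs in the 3072- and 4096-bit hunks of this file and in the three matching sp_arm64.c hunks. Separately, `XMEMSET(d, 0, sizeof(sp_digit) * 64);` right before `XFREE` is a wipe the compiler may drop if XMEMSET maps to memset; `ForceZero(d, sizeof(sp_digit) * 64);`, as used in the pkcs7.c hunks of this diff, is the safer form for the private exponent, assuming ForceZero is reachable from this file.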
@@ -18977,6 +19035,63 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, mp_int* em, mp_int* mm, return err; } +#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM) + sp_digit* a; + sp_digit* d = NULL; + sp_digit* m; + sp_digit* r; + int err = MP_OKAY; + + (void)pm; + (void)qm; + (void)dpm; + (void)dqm; + (void)qim; + + if (*outLen < 384U) { + err = MP_TO_E; + } + if (err == MP_OKAY) { + if (mp_count_bits(dm) > 3072) { + err = MP_READ_E; + } + if (inLen > 384) { + err = MP_READ_E; + } + if (mp_count_bits(mm) != 3072) { + err = MP_READ_E; + } + } + + if (err == MP_OKAY) { + d = (sp_digit*)XMALLOC(sizeof(sp_digit) * 96 * 4, NULL, + DYNAMIC_TYPE_RSA); + if (d == NULL) { + err = MEMORY_E; + } + } + if (err == MP_OKAY) { + a = d + 96; + m = a + 192; + r = a; + + sp_3072_from_bin(a, 96, in, inLen); + sp_3072_from_mp(d, 96, dm); + sp_3072_from_mp(m, 96, mm); + err = sp_3072_mod_exp_96(r, a, d, 3072, m, 0); + } + if (err == MP_OKAY) { + sp_3072_to_bin(r, out); + *outLen = 384; + } + + if (d != NULL) { + XMEMSET(d, 0, sizeof(sp_digit) * 96); + XFREE(d, NULL, DYNAMIC_TYPE_RSA); + } + + return err; +#else #ifndef WOLFSSL_RSA_PUBLIC_ONLY /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. @@ -19384,6 +19499,7 @@ int sp_RsaPrivate_3072(const byte* in, word32 inLen, mp_int* dm, return err; } #endif /* WOLFSSL_RSA_PUBLIC_ONLY */ +#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */ #endif /* WOLFSSL_HAVE_SP_RSA */ #if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \ !defined(WOLFSSL_RSA_PUBLIC_ONLY)) 
@@ -71539,6 +71655,63 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, mp_int* em, mp_int* mm, return err; } +#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM) + sp_digit* a; + sp_digit* d = NULL; + sp_digit* m; + sp_digit* r; + int err = MP_OKAY; + + (void)pm; + (void)qm; + (void)dpm; + (void)dqm; + (void)qim; + + if (*outLen < 512U) { + err = MP_TO_E; + } + if (err == MP_OKAY) { + if (mp_count_bits(dm) > 4096) { + err = MP_READ_E; + } + if (inLen > 512) { + err = MP_READ_E; + } + if (mp_count_bits(mm) != 4096) { + err = MP_READ_E; + } + } + + if (err == MP_OKAY) { + d = (sp_digit*)XMALLOC(sizeof(sp_digit) * 128 * 4, NULL, + DYNAMIC_TYPE_RSA); + if (d == NULL) { + err = MEMORY_E; + } + } + if (err == MP_OKAY) { + a = d + 128; + m = a + 256; + r = a; + + sp_4096_from_bin(a, 128, in, inLen); + sp_4096_from_mp(d, 128, dm); + sp_4096_from_mp(m, 128, mm); + err = sp_4096_mod_exp_128(r, a, d, 4096, m, 0); + } + if (err == MP_OKAY) { + sp_4096_to_bin(r, out); + *outLen = 512; + } + + if (d != NULL) { + XMEMSET(d, 0, sizeof(sp_digit) * 128); + XFREE(d, NULL, DYNAMIC_TYPE_RSA); + } + + return err; +#else #ifndef WOLFSSL_RSA_PUBLIC_ONLY /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. @@ -72026,6 +72199,7 @@ int sp_RsaPrivate_4096(const byte* in, word32 inLen, mp_int* dm, return err; } #endif /* WOLFSSL_RSA_PUBLIC_ONLY */ +#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */ #endif /* WOLFSSL_HAVE_SP_RSA */ #if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \ !defined(WOLFSSL_RSA_PUBLIC_ONLY)) @@ -76112,7 +76286,7 @@ static int sp_256_ecc_mulmod_fast_8(sp_point_256* r, const sp_point_256* g, cons n <<= 4; for (; i>=0 || c>=4; ) { if (c < 4) { - n |= k[i--] << (0 - c); + n |= k[i--]; c += 32; } y = (n >> 28) & 0xf; 
@@ -84781,7 +84955,7 @@ static int sp_384_ecc_mulmod_fast_12(sp_point_384* r, const sp_point_384* g, con n <<= 4; for (; i>=0 || c>=4; ) { if (c < 4) { - n |= k[i--] << (0 - c); + n |= k[i--]; c += 32; } y = (n >> 28) & 0xf; diff --git a/wolfcrypt/src/sp_arm64.c b/wolfcrypt/src/sp_arm64.c index 345e287ad0..d960fff25e 100644 --- a/wolfcrypt/src/sp_arm64.c +++ b/wolfcrypt/src/sp_arm64.c @@ -4989,6 +4989,63 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, mp_int* em, mp_int* mm, return err; } +#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM) + sp_digit* a; + sp_digit* d = NULL; + sp_digit* m; + sp_digit* r; + int err = MP_OKAY; + + (void)pm; + (void)qm; + (void)dpm; + (void)dqm; + (void)qim; + + if (*outLen < 256U) { + err = MP_TO_E; + } + if (err == MP_OKAY) { + if (mp_count_bits(dm) > 2048) { + err = MP_READ_E; + } + if (inLen > 256) { + err = MP_READ_E; + } + if (mp_count_bits(mm) != 2048) { + err = MP_READ_E; + } + } + + if (err == MP_OKAY) { + d = (sp_digit*)XMALLOC(sizeof(sp_digit) * 32 * 4, NULL, + DYNAMIC_TYPE_RSA); + if (d == NULL) { + err = MEMORY_E; + } + } + if (err == MP_OKAY) { + a = d + 32; + m = a + 64; + r = a; + + sp_2048_from_bin(a, 32, in, inLen); + sp_2048_from_mp(d, 32, dm); + sp_2048_from_mp(m, 32, mm); + err = sp_2048_mod_exp_32(r, a, d, 2048, m, 0); + } + if (err == MP_OKAY) { + sp_2048_to_bin(r, out); + *outLen = 256; + } + + if (d != NULL) { + XMEMSET(d, 0, sizeof(sp_digit) * 32); + XFREE(d, NULL, DYNAMIC_TYPE_RSA); + } + + return err; +#else #ifndef WOLFSSL_RSA_PUBLIC_ONLY /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. @@ -5212,6 +5269,7 @@ int sp_RsaPrivate_2048(const byte* in, word32 inLen, mp_int* dm, return err; } #endif /* WOLFSSL_RSA_PUBLIC_ONLY */ +#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */ #endif /* WOLFSSL_HAVE_SP_RSA */ #if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \ !defined(WOLFSSL_RSA_PUBLIC_ONLY)) 
@@ -12633,6 +12691,63 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, mp_int* em, mp_int* mm, return err; } +#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM) + sp_digit* a; + sp_digit* d = NULL; + sp_digit* m; + sp_digit* r; + int err = MP_OKAY; + + (void)pm; + (void)qm; + (void)dpm; + (void)dqm; + (void)qim; + + if (*outLen < 384U) { + err = MP_TO_E; + } + if (err == MP_OKAY) { + if (mp_count_bits(dm) > 3072) { + err = MP_READ_E; + } + if (inLen > 384) { + err = MP_READ_E; + } + if (mp_count_bits(mm) != 3072) { + err = MP_READ_E; + } + } + + if (err == MP_OKAY) { + d = (sp_digit*)XMALLOC(sizeof(sp_digit) * 48 * 4, NULL, + DYNAMIC_TYPE_RSA); + if (d == NULL) { + err = MEMORY_E; + } + } + if (err == MP_OKAY) { + a = d + 48; + m = a + 96; + r = a; + + sp_3072_from_bin(a, 48, in, inLen); + sp_3072_from_mp(d, 48, dm); + sp_3072_from_mp(m, 48, mm); + err = sp_3072_mod_exp_48(r, a, d, 3072, m, 0); + } + if (err == MP_OKAY) { + sp_3072_to_bin(r, out); + *outLen = 384; + } + + if (d != NULL) { + XMEMSET(d, 0, sizeof(sp_digit) * 48); + XFREE(d, NULL, DYNAMIC_TYPE_RSA); + } + + return err; +#else #ifndef WOLFSSL_RSA_PUBLIC_ONLY /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. @@ -12884,6 +12999,7 @@ int sp_RsaPrivate_3072(const byte* in, word32 inLen, mp_int* dm, return err; } #endif /* WOLFSSL_RSA_PUBLIC_ONLY */ +#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */ #endif /* WOLFSSL_HAVE_SP_RSA */ #if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \ !defined(WOLFSSL_RSA_PUBLIC_ONLY)) 
@@ -17504,6 +17620,63 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, mp_int* em, mp_int* mm, return err; } +#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM) + sp_digit* a; + sp_digit* d = NULL; + sp_digit* m; + sp_digit* r; + int err = MP_OKAY; + + (void)pm; + (void)qm; + (void)dpm; + (void)dqm; + (void)qim; + + if (*outLen < 512U) { + err = MP_TO_E; + } + if (err == MP_OKAY) { + if (mp_count_bits(dm) > 4096) { + err = MP_READ_E; + } + if (inLen > 512) { + err = MP_READ_E; + } + if (mp_count_bits(mm) != 4096) { + err = MP_READ_E; + } + } + + if (err == MP_OKAY) { + d = (sp_digit*)XMALLOC(sizeof(sp_digit) * 64 * 4, NULL, + DYNAMIC_TYPE_RSA); + if (d == NULL) { + err = MEMORY_E; + } + } + if (err == MP_OKAY) { + a = d + 64; + m = a + 128; + r = a; + + sp_4096_from_bin(a, 64, in, inLen); + sp_4096_from_mp(d, 64, dm); + sp_4096_from_mp(m, 64, mm); + err = sp_4096_mod_exp_64(r, a, d, 4096, m, 0); + } + if (err == MP_OKAY) { + sp_4096_to_bin(r, out); + *outLen = 512; + } + + if (d != NULL) { + XMEMSET(d, 0, sizeof(sp_digit) * 64); + XFREE(d, NULL, DYNAMIC_TYPE_RSA); + } + + return err; +#else #ifndef WOLFSSL_RSA_PUBLIC_ONLY /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. @@ -17783,6 +17956,7 @@ int sp_RsaPrivate_4096(const byte* in, word32 inLen, mp_int* dm, return err; } #endif /* WOLFSSL_RSA_PUBLIC_ONLY */ +#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */ #endif /* WOLFSSL_HAVE_SP_RSA */ #if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \ !defined(WOLFSSL_RSA_PUBLIC_ONLY)) diff --git a/wolfcrypt/src/sp_armthumb.c b/wolfcrypt/src/sp_armthumb.c index 9230304e39..97251c0348 100644 --- a/wolfcrypt/src/sp_armthumb.c +++ b/wolfcrypt/src/sp_armthumb.c 
@@ -4362,6 +4362,63 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, mp_int* em, mp_int* mm, return err; } +#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM) + sp_digit* a; + sp_digit* d = NULL; + sp_digit* m; + sp_digit* r; + int err = MP_OKAY; + + (void)pm; + (void)qm; + (void)dpm; + (void)dqm; + (void)qim; + + if (*outLen < 256U) { + err = MP_TO_E; + } + if (err == MP_OKAY) { + if (mp_count_bits(dm) > 2048) { + err = MP_READ_E; + } + if (inLen > 256) { + err = MP_READ_E; + } + if (mp_count_bits(mm) != 2048) { + err = MP_READ_E; + } + } + + if (err == MP_OKAY) { + d = (sp_digit*)XMALLOC(sizeof(sp_digit) * 64 * 4, NULL, + DYNAMIC_TYPE_RSA); + if (d == NULL) { + err = MEMORY_E; + } + } + if (err == MP_OKAY) { + a = d + 64; + m = a + 128; + r = a; + + sp_2048_from_bin(a, 64, in, inLen); + sp_2048_from_mp(d, 64, dm); + sp_2048_from_mp(m, 64, mm); + err = sp_2048_mod_exp_64(r, a, d, 2048, m, 0); + } + if (err == MP_OKAY) { + sp_2048_to_bin(r, out); + *outLen = 256; + } + + if (d != NULL) { + XMEMSET(d, 0, sizeof(sp_digit) * 64); + XFREE(d, NULL, DYNAMIC_TYPE_RSA); + } + + return err; +#else #ifndef WOLFSSL_RSA_PUBLIC_ONLY /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. @@ -4522,6 +4579,7 @@ int sp_RsaPrivate_2048(const byte* in, word32 inLen, mp_int* dm, return err; } #endif /* WOLFSSL_RSA_PUBLIC_ONLY */ +#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */ #endif /* WOLFSSL_HAVE_SP_RSA */ #if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \ !defined(WOLFSSL_RSA_PUBLIC_ONLY)) 
@@ -10105,6 +10163,63 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, mp_int* em, mp_int* mm, return err; } +#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM) + sp_digit* a; + sp_digit* d = NULL; + sp_digit* m; + sp_digit* r; + int err = MP_OKAY; + + (void)pm; + (void)qm; + (void)dpm; + (void)dqm; + (void)qim; + + if (*outLen < 384U) { + err = MP_TO_E; + } + if (err == MP_OKAY) { + if (mp_count_bits(dm) > 3072) { + err = MP_READ_E; + } + if (inLen > 384) { + err = MP_READ_E; + } + if (mp_count_bits(mm) != 3072) { + err = MP_READ_E; + } + } + + if (err == MP_OKAY) { + d = (sp_digit*)XMALLOC(sizeof(sp_digit) * 96 * 4, NULL, + DYNAMIC_TYPE_RSA); + if (d == NULL) { + err = MEMORY_E; + } + } + if (err == MP_OKAY) { + a = d + 96; + m = a + 192; + r = a; + + sp_3072_from_bin(a, 96, in, inLen); + sp_3072_from_mp(d, 96, dm); + sp_3072_from_mp(m, 96, mm); + err = sp_3072_mod_exp_96(r, a, d, 3072, m, 0); + } + if (err == MP_OKAY) { + sp_3072_to_bin(r, out); + *outLen = 384; + } + + if (d != NULL) { + XMEMSET(d, 0, sizeof(sp_digit) * 96); + XFREE(d, NULL, DYNAMIC_TYPE_RSA); + } + + return err; +#else #ifndef WOLFSSL_RSA_PUBLIC_ONLY /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. @@ -10265,6 +10380,7 @@ int sp_RsaPrivate_3072(const byte* in, word32 inLen, mp_int* dm, return err; } #endif /* WOLFSSL_RSA_PUBLIC_ONLY */ +#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */ #endif /* WOLFSSL_HAVE_SP_RSA */ #if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \ !defined(WOLFSSL_RSA_PUBLIC_ONLY)) 
@@ -14507,6 +14623,63 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, mp_int* em, mp_int* mm, return err; } +#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM) + sp_digit* a; + sp_digit* d = NULL; + sp_digit* m; + sp_digit* r; + int err = MP_OKAY; + + (void)pm; + (void)qm; + (void)dpm; + (void)dqm; + (void)qim; + + if (*outLen < 512U) { + err = MP_TO_E; + } + if (err == MP_OKAY) { + if (mp_count_bits(dm) > 4096) { + err = MP_READ_E; + } + if (inLen > 512) { + err = MP_READ_E; + } + if (mp_count_bits(mm) != 4096) { + err = MP_READ_E; + } + } + + if (err == MP_OKAY) { + d = (sp_digit*)XMALLOC(sizeof(sp_digit) * 128 * 4, NULL, + DYNAMIC_TYPE_RSA); + if (d == NULL) { + err = MEMORY_E; + } + } + if (err == MP_OKAY) { + a = d + 128; + m = a + 256; + r = a; + + sp_4096_from_bin(a, 128, in, inLen); + sp_4096_from_mp(d, 128, dm); + sp_4096_from_mp(m, 128, mm); + err = sp_4096_mod_exp_128(r, a, d, 4096, m, 0); + } + if (err == MP_OKAY) { + sp_4096_to_bin(r, out); + *outLen = 512; + } + + if (d != NULL) { + XMEMSET(d, 0, sizeof(sp_digit) * 128); + XFREE(d, NULL, DYNAMIC_TYPE_RSA); + } + + return err; +#else #ifndef WOLFSSL_RSA_PUBLIC_ONLY /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. @@ -14668,6 +14841,7 @@ int sp_RsaPrivate_4096(const byte* in, word32 inLen, mp_int* dm, return err; } #endif /* WOLFSSL_RSA_PUBLIC_ONLY */ +#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */ #endif /* WOLFSSL_HAVE_SP_RSA */ #if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \ !defined(WOLFSSL_RSA_PUBLIC_ONLY)) @@ -17789,7 +17963,7 @@ static int sp_256_ecc_mulmod_fast_8(sp_point_256* r, const sp_point_256* g, cons n <<= 4; for (; i>=0 || c>=4; ) { if (c < 4) { - n |= k[i--] << (0 - c); + n |= k[i--]; c += 32; } y = (n >> 28) & 0xf; 
@@ -23576,7 +23750,7 @@ static int sp_384_ecc_mulmod_fast_12(sp_point_384* r, const sp_point_384* g, con n <<= 4; for (; i>=0 || c>=4; ) { if (c < 4) { - n |= k[i--] << (0 - c); + n |= k[i--]; c += 32; } y = (n >> 28) & 0xf; diff --git a/wolfcrypt/src/sp_c32.c b/wolfcrypt/src/sp_c32.c index 0d06cffccf..2a098c1172 100644 --- a/wolfcrypt/src/sp_c32.c +++ b/wolfcrypt/src/sp_c32.c @@ -3420,7 +3420,7 @@ int sp_RsaPrivate_2048(const byte* in, word32 inLen, mp_int* dm, } if (err == MP_OKAY) { a = d + 90; - m = a + 90; + m = a + 180; r = a; sp_2048_from_bin(a, 90, in, inLen); @@ -7257,7 +7257,7 @@ int sp_RsaPrivate_3072(const byte* in, word32 inLen, mp_int* dm, } if (err == MP_OKAY) { a = d + 134; - m = a + 134; + m = a + 268; r = a; sp_3072_from_bin(a, 134, in, inLen); @@ -11258,7 +11258,7 @@ int sp_RsaPrivate_4096(const byte* in, word32 inLen, mp_int* dm, } if (err == MP_OKAY) { a = d + 196; - m = a + 196; + m = a + 392; r = a; sp_4096_from_bin(a, 196, in, inLen); diff --git a/wolfcrypt/src/sp_c64.c b/wolfcrypt/src/sp_c64.c index 6335f60a93..f09db85b09 100644 --- a/wolfcrypt/src/sp_c64.c +++ b/wolfcrypt/src/sp_c64.c @@ -3060,7 +3060,7 @@ int sp_RsaPrivate_2048(const byte* in, word32 inLen, mp_int* dm, } if (err == MP_OKAY) { a = d + 36; - m = a + 36; + m = a + 72; r = a; sp_2048_from_bin(a, 36, in, inLen); @@ -7171,7 +7171,7 @@ int sp_RsaPrivate_3072(const byte* in, word32 inLen, mp_int* dm, } if (err == MP_OKAY) { a = d + 54; - m = a + 54; + m = a + 108; r = a; sp_3072_from_bin(a, 54, in, inLen); @@ -11527,7 +11527,7 @@ int sp_RsaPrivate_4096(const byte* in, word32 inLen, mp_int* dm, } if (err == MP_OKAY) { a = d + 78; - m = a + 78; + m = a + 156; r = a; sp_4096_from_bin(a, 78, in, inLen); diff --git a/wolfcrypt/src/sp_cortexm.c b/wolfcrypt/src/sp_cortexm.c index 133ae69228..cc9a41358c 100644 --- a/wolfcrypt/src/sp_cortexm.c +++ b/wolfcrypt/src/sp_cortexm.c 
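Review bot: The corrected offset `m = a + 180;` in the sp_c32.c sp_RsaPrivate_2048 hunk is a bare literal whose relation to the 90-digit operand size is not visible, which is probably how the overlapping `a + 90` went unnoticed. Writing it as `m = a + 90 * 2;` with a comment like `/* a is double width, m starts after it */` would tie it to the size passed to `sp_2048_from_bin(a, 90, ...)`; the double-width reason is inferred from the 1:2:1 layout used by the sibling hunks. The allocation of `d` is outside the hunk, so it is worth confirming it covers 90 * 4 digits. The same applies to the 3072 and 4096 hunks in this file and to the three matching hunks in sp_c64.c.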
@@ -4116,6 +4116,63 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, mp_int* em, mp_int* mm, return err; } +#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM) + sp_digit* a; + sp_digit* d = NULL; + sp_digit* m; + sp_digit* r; + int err = MP_OKAY; + + (void)pm; + (void)qm; + (void)dpm; + (void)dqm; + (void)qim; + + if (*outLen < 256U) { + err = MP_TO_E; + } + if (err == MP_OKAY) { + if (mp_count_bits(dm) > 2048) { + err = MP_READ_E; + } + if (inLen > 256) { + err = MP_READ_E; + } + if (mp_count_bits(mm) != 2048) { + err = MP_READ_E; + } + } + + if (err == MP_OKAY) { + d = (sp_digit*)XMALLOC(sizeof(sp_digit) * 64 * 4, NULL, + DYNAMIC_TYPE_RSA); + if (d == NULL) { + err = MEMORY_E; + } + } + if (err == MP_OKAY) { + a = d + 64; + m = a + 128; + r = a; + + sp_2048_from_bin(a, 64, in, inLen); + sp_2048_from_mp(d, 64, dm); + sp_2048_from_mp(m, 64, mm); + err = sp_2048_mod_exp_64(r, a, d, 2048, m, 0); + } + if (err == MP_OKAY) { + sp_2048_to_bin(r, out); + *outLen = 256; + } + + if (d != NULL) { + XMEMSET(d, 0, sizeof(sp_digit) * 64); + XFREE(d, NULL, DYNAMIC_TYPE_RSA); + } + + return err; +#else #ifndef WOLFSSL_RSA_PUBLIC_ONLY /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. @@ -4274,6 +4331,7 @@ int sp_RsaPrivate_2048(const byte* in, word32 inLen, mp_int* dm, return err; } #endif /* WOLFSSL_RSA_PUBLIC_ONLY */ +#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */ #endif /* WOLFSSL_HAVE_SP_RSA */ #if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \ !defined(WOLFSSL_RSA_PUBLIC_ONLY)) 
@@ -8708,6 +8766,63 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, mp_int* em, mp_int* mm, return err; } +#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM) + sp_digit* a; + sp_digit* d = NULL; + sp_digit* m; + sp_digit* r; + int err = MP_OKAY; + + (void)pm; + (void)qm; + (void)dpm; + (void)dqm; + (void)qim; + + if (*outLen < 384U) { + err = MP_TO_E; + } + if (err == MP_OKAY) { + if (mp_count_bits(dm) > 3072) { + err = MP_READ_E; + } + if (inLen > 384) { + err = MP_READ_E; + } + if (mp_count_bits(mm) != 3072) { + err = MP_READ_E; + } + } + + if (err == MP_OKAY) { + d = (sp_digit*)XMALLOC(sizeof(sp_digit) * 96 * 4, NULL, + DYNAMIC_TYPE_RSA); + if (d == NULL) { + err = MEMORY_E; + } + } + if (err == MP_OKAY) { + a = d + 96; + m = a + 192; + r = a; + + sp_3072_from_bin(a, 96, in, inLen); + sp_3072_from_mp(d, 96, dm); + sp_3072_from_mp(m, 96, mm); + err = sp_3072_mod_exp_96(r, a, d, 3072, m, 0); + } + if (err == MP_OKAY) { + sp_3072_to_bin(r, out); + *outLen = 384; + } + + if (d != NULL) { + XMEMSET(d, 0, sizeof(sp_digit) * 96); + XFREE(d, NULL, DYNAMIC_TYPE_RSA); + } + + return err; +#else #ifndef WOLFSSL_RSA_PUBLIC_ONLY /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. @@ -8866,6 +8981,7 @@ int sp_RsaPrivate_3072(const byte* in, word32 inLen, mp_int* dm, return err; } #endif /* WOLFSSL_RSA_PUBLIC_ONLY */ +#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */ #endif /* WOLFSSL_HAVE_SP_RSA */ #if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \ !defined(WOLFSSL_RSA_PUBLIC_ONLY)) 
@@ -12246,6 +12362,63 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, mp_int* em, mp_int* mm, return err; } +#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM) + sp_digit* a; + sp_digit* d = NULL; + sp_digit* m; + sp_digit* r; + int err = MP_OKAY; + + (void)pm; + (void)qm; + (void)dpm; + (void)dqm; + (void)qim; + + if (*outLen < 512U) { + err = MP_TO_E; + } + if (err == MP_OKAY) { + if (mp_count_bits(dm) > 4096) { + err = MP_READ_E; + } + if (inLen > 512) { + err = MP_READ_E; + } + if (mp_count_bits(mm) != 4096) { + err = MP_READ_E; + } + } + + if (err == MP_OKAY) { + d = (sp_digit*)XMALLOC(sizeof(sp_digit) * 128 * 4, NULL, + DYNAMIC_TYPE_RSA); + if (d == NULL) { + err = MEMORY_E; + } + } + if (err == MP_OKAY) { + a = d + 128; + m = a + 256; + r = a; + + sp_4096_from_bin(a, 128, in, inLen); + sp_4096_from_mp(d, 128, dm); + sp_4096_from_mp(m, 128, mm); + err = sp_4096_mod_exp_128(r, a, d, 4096, m, 0); + } + if (err == MP_OKAY) { + sp_4096_to_bin(r, out); + *outLen = 512; + } + + if (d != NULL) { + XMEMSET(d, 0, sizeof(sp_digit) * 128); + XFREE(d, NULL, DYNAMIC_TYPE_RSA); + } + + return err; +#else #ifndef WOLFSSL_RSA_PUBLIC_ONLY /* Conditionally add a and b using the mask m. * m is -1 to add and 0 when not. @@ -12405,6 +12578,7 @@ int sp_RsaPrivate_4096(const byte* in, word32 inLen, mp_int* dm, return err; } #endif /* WOLFSSL_RSA_PUBLIC_ONLY */ +#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */ #endif /* WOLFSSL_HAVE_SP_RSA */ #if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \ !defined(WOLFSSL_RSA_PUBLIC_ONLY)) @@ -16032,7 +16206,7 @@ static int sp_256_ecc_mulmod_fast_8(sp_point_256* r, const sp_point_256* g, cons n <<= 4; for (; i>=0 || c>=4; ) { if (c < 4) { - n |= k[i--] << (0 - c); + n |= k[i--]; c += 32; } y = (n >> 28) & 0xf; 
@@ -21538,7 +21712,7 @@ static int sp_384_ecc_mulmod_fast_12(sp_point_384* r, const sp_point_384* g, con n <<= 4; for (; i>=0 || c>=4; ) { if (c < 4) { - n |= k[i--] << (0 - c); + n |= k[i--]; c += 32; } y = (n >> 28) & 0xf; diff --git a/wolfcrypt/src/sp_int.c b/wolfcrypt/src/sp_int.c index 5c6642457f..3ad12f4333 100644 --- a/wolfcrypt/src/sp_int.c +++ b/wolfcrypt/src/sp_int.c @@ -309,7 +309,7 @@ int sp_count_bits(sp_int* a) r *= SP_WORD_SIZE; if (d >= (1L << (SP_WORD_SIZE / 2))) { r += SP_WORD_SIZE; - while ((d & (1L << (SP_WORD_SIZE - 1))) == 0) { + while ((d & (1UL << (SP_WORD_SIZE - 1))) == 0) { r--; d <<= 1; } diff --git a/wolfcrypt/src/sp_x86_64.c b/wolfcrypt/src/sp_x86_64.c index 6b46e7fd3f..f8828fb3c9 100644 --- a/wolfcrypt/src/sp_x86_64.c +++ b/wolfcrypt/src/sp_x86_64.c 
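Review bot: The switch to `1UL` in the `while` condition of sp_count_bits only removes the undefined shift where `unsigned long` is at least SP_WORD_SIZE bits wide; on an LLP64 target with a 64-bit word the shift count would still exceed the width of the type. The guard on the line above also still uses `1L << (SP_WORD_SIZE / 2)`. Using the digit's own type in both places avoids depending on the width of long, for example `((sp_int_digit)1 << (SP_WORD_SIZE - 1))`, assuming `d` is declared as `sp_int_digit` (the declaration is outside the hunk).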
@@ -1466,6 +1466,100 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, mp_int* em, mp_int* mm, return err; } +#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM) +/* RSA private key operation. + * + * in Array of bytes representing the number to exponentiate, base. + * inLen Number of bytes in base. + * dm Private exponent. + * pm First prime. + * qm Second prime. + * dpm First prime's CRT exponent. + * dqm Second prime's CRT exponent. + * qim Inverse of second prime mod p. + * mm Modulus. + * out Buffer to hold big-endian bytes of exponentiation result. + * Must be at least 256 bytes long. + * outLen Number of bytes in result. + * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when + * an array is too long and MEMORY_E when dynamic memory allocation fails. + */ +int sp_RsaPrivate_2048(const byte* in, word32 inLen, mp_int* dm, + mp_int* pm, mp_int* qm, mp_int* dpm, mp_int* dqm, mp_int* qim, mp_int* mm, + byte* out, word32* outLen) +{ +#if !defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SMALL_STACK) + sp_digit a[64], d[32], m[32]; +#else + sp_digit* d = NULL; + sp_digit* a; + sp_digit* m; +#endif + sp_digit* r; + int err = MP_OKAY; + + (void)pm; + (void)qm; + (void)dpm; + (void)dqm; + (void)qim; + + if (*outLen < 256U) { + err = MP_TO_E; + } + if (err == MP_OKAY) { + if (mp_count_bits(dm) > 2048) { + err = MP_READ_E; + } + if (inLen > 256U) { + err = MP_READ_E; + } + if (mp_count_bits(mm) != 2048) { + err = MP_READ_E; + } + } + +#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK) + if (err == MP_OKAY) { + d = (sp_digit*)XMALLOC(sizeof(sp_digit) * 32 * 4, NULL, + DYNAMIC_TYPE_RSA); + if (d == NULL) { + err = MEMORY_E; + } + } +#endif + + if (err == MP_OKAY) { +#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK) + a = d + 32; + m = a + 64; +#endif + r = a; + + sp_2048_from_bin(a, 32, in, inLen); + sp_2048_from_mp(d, 32, dm); + sp_2048_from_mp(m, 32, mm); + err = sp_2048_mod_exp_32(r, a, d, 2048, m, 0); + } + + if 
(err == MP_OKAY) { + sp_2048_to_bin(r, out); + *outLen = 256; + } + +#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK) + if (d != NULL) { + XMEMSET(d, 0, sizeof(sp_digit) * 32); + XFREE(d, NULL, DYNAMIC_TYPE_RSA); + } +#else + XMEMSET(d, 0, sizeof(sp_digit) * 32); +#endif + + return err; +} + +#else extern sp_digit sp_2048_cond_add_16(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m); extern sp_digit sp_2048_cond_add_avx2_16(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m); /* RSA private key operation. @@ -1627,6 +1721,7 @@ int sp_RsaPrivate_2048(const byte* in, word32 inLen, mp_int* dm, return err; } +#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */ #endif /* WOLFSSL_HAVE_SP_RSA */ #if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \ !defined(WOLFSSL_RSA_PUBLIC_ONLY)) 
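Review bot: In the non-small-stack path of the new sp_RsaPrivate_2048, `XMEMSET(d, 0, sizeof(sp_digit) * 32);` clears a local array immediately before `return err;`, which a compiler may drop as a dead store, leaving the private exponent on the stack. The heap path has the same shape, with `XMEMSET` directly before `XFREE`. A clear that the optimizer cannot remove is needed here, for example wolfSSL's `ForceZero(d, sizeof(sp_digit) * 32);` if that helper is reachable from this file. Only `d` is cleared; `a`, which holds the base and then the result of the private operation, is left as is and may deserve the same treatment. The 3072 and 4096 functions below and the ARM blocks earlier in this commit repeat the pattern.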
@@ -3520,6 +3615,100 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, mp_int* em, mp_int* mm, return err; } +#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM) +/* RSA private key operation. + * + * in Array of bytes representing the number to exponentiate, base. + * inLen Number of bytes in base. + * dm Private exponent. + * pm First prime. + * qm Second prime. + * dpm First prime's CRT exponent. + * dqm Second prime's CRT exponent. + * qim Inverse of second prime mod p. + * mm Modulus. + * out Buffer to hold big-endian bytes of exponentiation result. + * Must be at least 384 bytes long. + * outLen Number of bytes in result. + * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when + * an array is too long and MEMORY_E when dynamic memory allocation fails. + */ +int sp_RsaPrivate_3072(const byte* in, word32 inLen, mp_int* dm, + mp_int* pm, mp_int* qm, mp_int* dpm, mp_int* dqm, mp_int* qim, mp_int* mm, + byte* out, word32* outLen) +{ +#if !defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SMALL_STACK) + sp_digit a[96], d[48], m[48]; +#else + sp_digit* d = NULL; + sp_digit* a; + sp_digit* m; +#endif + sp_digit* r; + int err = MP_OKAY; + + (void)pm; + (void)qm; + (void)dpm; + (void)dqm; + (void)qim; + + if (*outLen < 384U) { + err = MP_TO_E; + } + if (err == MP_OKAY) { + if (mp_count_bits(dm) > 3072) { + err = MP_READ_E; + } + if (inLen > 384U) { + err = MP_READ_E; + } + if (mp_count_bits(mm) != 3072) { + err = MP_READ_E; + } + } + +#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK) + if (err == MP_OKAY) { + d = (sp_digit*)XMALLOC(sizeof(sp_digit) * 48 * 4, NULL, + DYNAMIC_TYPE_RSA); + if (d == NULL) { + err = MEMORY_E; + } + } +#endif + + if (err == MP_OKAY) { +#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK) + a = d + 48; + m = a + 96; +#endif + r = a; + + sp_3072_from_bin(a, 48, in, inLen); + sp_3072_from_mp(d, 48, dm); + sp_3072_from_mp(m, 48, mm); + err = sp_3072_mod_exp_48(r, a, d, 3072, m, 0); + } + + if 
(err == MP_OKAY) { + sp_3072_to_bin(r, out); + *outLen = 384; + } + +#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK) + if (d != NULL) { + XMEMSET(d, 0, sizeof(sp_digit) * 48); + XFREE(d, NULL, DYNAMIC_TYPE_RSA); + } +#else + XMEMSET(d, 0, sizeof(sp_digit) * 48); +#endif + + return err; +} + +#else extern sp_digit sp_3072_cond_add_24(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m); extern sp_digit sp_3072_cond_add_avx2_24(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m); /* RSA private key operation. @@ -3681,6 +3870,7 @@ int sp_RsaPrivate_3072(const byte* in, word32 inLen, mp_int* dm, return err; } +#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */ #endif /* WOLFSSL_HAVE_SP_RSA */ #if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \ !defined(WOLFSSL_RSA_PUBLIC_ONLY)) 
@@ -5028,6 +5218,100 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, mp_int* em, mp_int* mm, return err; } +#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM) +/* RSA private key operation. + * + * in Array of bytes representing the number to exponentiate, base. + * inLen Number of bytes in base. + * dm Private exponent. + * pm First prime. + * qm Second prime. + * dpm First prime's CRT exponent. + * dqm Second prime's CRT exponent. + * qim Inverse of second prime mod p. + * mm Modulus. + * out Buffer to hold big-endian bytes of exponentiation result. + * Must be at least 512 bytes long. + * outLen Number of bytes in result. + * returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when + * an array is too long and MEMORY_E when dynamic memory allocation fails. + */ +int sp_RsaPrivate_4096(const byte* in, word32 inLen, mp_int* dm, + mp_int* pm, mp_int* qm, mp_int* dpm, mp_int* dqm, mp_int* qim, mp_int* mm, + byte* out, word32* outLen) +{ +#if !defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SMALL_STACK) + sp_digit a[128], d[64], m[64]; +#else + sp_digit* d = NULL; + sp_digit* a; + sp_digit* m; +#endif + sp_digit* r; + int err = MP_OKAY; + + (void)pm; + (void)qm; + (void)dpm; + (void)dqm; + (void)qim; + + if (*outLen < 512U) { + err = MP_TO_E; + } + if (err == MP_OKAY) { + if (mp_count_bits(dm) > 4096) { + err = MP_READ_E; + } + if (inLen > 512U) { + err = MP_READ_E; + } + if (mp_count_bits(mm) != 4096) { + err = MP_READ_E; + } + } + +#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK) + if (err == MP_OKAY) { + d = (sp_digit*)XMALLOC(sizeof(sp_digit) * 64 * 4, NULL, + DYNAMIC_TYPE_RSA); + if (d == NULL) { + err = MEMORY_E; + } + } +#endif + + if (err == MP_OKAY) { +#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK) + a = d + 64; + m = a + 128; +#endif + r = a; + + sp_4096_from_bin(a, 64, in, inLen); + sp_4096_from_mp(d, 64, dm); + sp_4096_from_mp(m, 64, mm); + err = sp_4096_mod_exp_64(r, a, d, 4096, m, 0); + } + + if 
(err == MP_OKAY) { + sp_4096_to_bin(r, out); + *outLen = 512; + } + +#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK) + if (d != NULL) { + XMEMSET(d, 0, sizeof(sp_digit) * 64); + XFREE(d, NULL, DYNAMIC_TYPE_RSA); + } +#else + XMEMSET(d, 0, sizeof(sp_digit) * 64); +#endif + + return err; +} + +#else extern sp_digit sp_4096_cond_add_32(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m); extern sp_digit sp_4096_cond_add_avx2_32(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m); /* RSA private key operation. @@ -5189,6 +5473,7 @@ int sp_RsaPrivate_4096(const byte* in, word32 inLen, mp_int* dm, return err; } +#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */ #endif /* WOLFSSL_HAVE_SP_RSA */ #if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \ !defined(WOLFSSL_RSA_PUBLIC_ONLY)) diff --git a/wolfcrypt/src/tfm.c b/wolfcrypt/src/tfm.c index 3b8a7aa33a..61b31f0e17 100644 --- a/wolfcrypt/src/tfm.c +++ b/wolfcrypt/src/tfm.c @@ -4328,6 +4328,8 @@ int fp_isprime_ex(fp_int *a, int t, int* result) int mp_prime_is_prime_ex(mp_int* a, int t, int* result, WC_RNG* rng) { int ret = FP_YES; + fp_digit d; + int i; if (a == NULL || result == NULL || rng == NULL) return FP_VAL; 
@@ -4337,35 +4339,30 @@ int mp_prime_is_prime_ex(mp_int* a, int t, int* result, WC_RNG* rng) return FP_OKAY; } - if (ret == FP_YES) { - fp_digit d; - int r; + /* check against primes table */ + for (i = 0; i < FP_PRIME_SIZE; i++) { + if (fp_cmp_d(a, primes[i]) == FP_EQ) { + *result = FP_YES; + return FP_OKAY; + } + } - /* check against primes table */ - for (r = 0; r < FP_PRIME_SIZE; r++) { - if (fp_cmp_d(a, primes[r]) == FP_EQ) { - *result = FP_YES; + /* do trial division */ + for (i = 0; i < FP_PRIME_SIZE; i++) { + if (fp_mod_d(a, primes[i], &d) == MP_OKAY) { + if (d == 0) { + *result = FP_NO; return FP_OKAY; } } - - /* do trial division */ - for (r = 0; r < FP_PRIME_SIZE; r++) { - if (fp_mod_d(a, primes[r], &d) == MP_OKAY) { - if (d == 0) { - *result = FP_NO; - return FP_OKAY; - } - } - else - return FP_VAL; - } + else + return FP_VAL; } #ifndef WC_NO_RNG /* now do a miller rabin with up to t random numbers, this should * give a (1/4)^t chance of a false prime. */ - if (ret == FP_YES) { + { #ifndef WOLFSSL_SMALL_STACK fp_int b[1], c[1], n1[1], y[1], r[1]; byte base[FP_MAX_PRIME_SIZE]; diff --git a/wolfcrypt/src/wolfmath.c b/wolfcrypt/src/wolfmath.c index 4d5a26d194..a3f1bda8ba 100644 --- a/wolfcrypt/src/wolfmath.c +++ b/wolfcrypt/src/wolfmath.c @@ -212,9 +212,9 @@ int wc_bigint_alloc(WC_BIGINT* a, word32 sz) } if (a->buf == NULL) { a->buf = (byte*)XMALLOC(sz, a->heap, DYNAMIC_TYPE_WOLF_BIGINT); - } - if (a->buf == NULL) { - err = MP_MEM; + if (a->buf == NULL) { + err = MP_MEM; + } } else { XMEMSET(a->buf, 0, sz); diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 5db93d8737..c31a77c364 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -5913,6 +5913,11 @@ EVP_TEST_END: #endif int ret = 0; + (void)enc; + #ifdef HAVE_AES_DECRYPT + (void)dec; + #endif + #ifdef WOLFSSL_AES_128 /* 128 key size test */ #ifdef OPENSSL_EXTRA 
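Review bot: In the wolfmath.c hunk, nesting the `MP_MEM` check inside the allocation branch of wc_bigint_alloc re-attaches the following `else` to the outer `if (a->buf == NULL)`, so `XMEMSET(a->buf, 0, sz)` now runs only for a buffer that already existed and a freshly allocated one is handed back uninitialized. Before the change a successful allocation fell through to that `else` and was zeroed. If the clear is meant to cover both cases, drop the `else` and clear after the block with `if (err == MP_OKAY) { XMEMSET(a->buf, 0, sz); }`. The rest of the function is outside the hunk, so whether every caller overwrites the whole buffer cannot be confirmed from here.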
@@ -13568,7 +13573,9 @@ int rsa_test(void) #if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) XFILE caFile; #endif + #if !defined(NO_FILESYSTEM) && !defined(NO_WRITE_TEMP_FILES) XFILE ntruPrivFile; + #endif int certSz; word32 idx3 = 0; #ifdef WOLFSSL_TEST_CERT @@ -18423,7 +18430,9 @@ static int ecc_test_key_gen(WC_RNG* rng, int keySize) { int ret = 0; int derSz; +#ifdef HAVE_PKCS8 word32 pkcs8Sz; +#endif byte* der; byte* pem; ecc_key userA; @@ -18538,6 +18547,7 @@ static int ecc_test_curve_size(WC_RNG* rng, int keySize, int testVerifyCount, (void)testVerifyCount; (void)dp; + (void)x; XMEMSET(&userA, 0, sizeof(ecc_key)); XMEMSET(&userB, 0, sizeof(ecc_key)); @@ -21839,14 +21849,14 @@ static int curve448_check_public_test(void) } /* Little-endian fail cases */ - for (i = 0; i < (int)(sizeof(fail_le) / sizeof(fail_le)); i++) { + for (i = 0; i < (int)(sizeof(fail_le) / sizeof(*fail_le)); i++) { if (wc_curve448_check_public(fail_le[i], CURVE448_KEY_SIZE, EC448_LITTLE_ENDIAN) == 0) { return -10924 - i; } } /* Big-endian fail cases */ - for (i = 0; i < (int)(sizeof(fail_be) / sizeof(fail_be)); i++) { + for (i = 0; i < (int)(sizeof(fail_be) / sizeof(*fail_be)); i++) { if (wc_curve448_check_public(fail_be[i], CURVE448_KEY_SIZE, EC448_BIG_ENDIAN) == 0) { return -10934 - i; @@ -21883,6 +21893,8 @@ int curve448_test(void) word32 x; curve448_key userA, userB, pubKey; + (void)x; + #if defined(HAVE_CURVE448_SHARED_SECRET) && \ defined(HAVE_CURVE448_KEY_IMPORT) /* test vectors from 
@@ -25306,14 +25318,14 @@ int pkcs7authenveloped_test(void) #endif /* HAVE_AESGCM || HAVE_AESCCM */ #ifndef NO_AES -static const byte defKey[] = { +static const byte p7DefKey[] = { 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08, 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08, 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08, 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08 }; -static const byte altKey[] = { +static const byte p7AltKey[] = { 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08, 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08 }; @@ -25342,7 +25354,7 @@ static int myCEKwrapFunc(PKCS7* pkcs7, byte* cek, word32 cekSz, byte* keyId, switch (keyWrapAlgo) { case AES256_WRAP: - ret = wc_AesKeyUnWrap(defKey, sizeof(defKey), cek, cekSz, + ret = wc_AesKeyUnWrap(p7DefKey, sizeof(p7DefKey), cek, cekSz, out, outSz, NULL); if (ret <= 0) return ret; @@ -25431,8 +25443,8 @@ static int envelopedData_encrypt(byte* in, word32 inSz, byte* out, pkcs7->ukmSz = 0; /* add recipient (KEKRI type) */ - ret = wc_PKCS7_AddRecipient_KEKRI(pkcs7, AES256_WRAP, (byte*)defKey, - sizeof(defKey), (byte*)keyId, + ret = wc_PKCS7_AddRecipient_KEKRI(pkcs7, AES256_WRAP, (byte*)p7DefKey, + sizeof(p7DefKey), (byte*)keyId, sizeof(keyId), NULL, NULL, 0, NULL, 0, 0); if (ret < 0) { printf("wc_PKCS7_AddRecipient_KEKRI() failed, ret = %d\n", ret); @@ -25495,7 +25507,7 @@ static int generateBundle(byte* out, word32 *outSz, const byte* encryptKey, /* If using keyHint 0 then create a bundle with fwWrappedFirmwareKey */ if (keyHint == 0) { - ret = envelopedData_encrypt((byte*)defKey, sizeof(defKey), env, + ret = envelopedData_encrypt((byte*)p7DefKey, sizeof(p7DefKey), env, sizeof(env)); if (ret <= 0) { return ret; 
@@ -25667,7 +25679,7 @@ int pkcs7callback_test(byte* cert, word32 certSz, byte* key, word32 keySz) word32 derSz = FOURK_BUF/2; /* Doing default generation and verify */ - ret = generateBundle(derBuf, &derSz, defKey, sizeof(defKey), 0, cert, + ret = generateBundle(derBuf, &derSz, p7DefKey, sizeof(p7DefKey), 0, cert, certSz, key, keySz); if (ret <= 0) { return -11915; @@ -25680,7 +25692,7 @@ int pkcs7callback_test(byte* cert, word32 certSz, byte* key, word32 keySz) /* test choosing other key with keyID */ derSz = FOURK_BUF/2; - ret = generateBundle(derBuf, &derSz, altKey, sizeof(altKey), 1, + ret = generateBundle(derBuf, &derSz, p7AltKey, sizeof(p7AltKey), 1, cert, certSz, key, keySz); if (ret <= 0) { return -11917; @@ -25693,7 +25705,7 @@ int pkcs7callback_test(byte* cert, word32 certSz, byte* key, word32 keySz) /* test fail case with wrong keyID */ derSz = FOURK_BUF/2; - ret = generateBundle(derBuf, &derSz, defKey, sizeof(defKey), 1, + ret = generateBundle(derBuf, &derSz, p7DefKey, sizeof(p7DefKey), 1, cert, certSz, key, keySz); if (ret <= 0) { return -11919; @@ -28439,9 +28451,8 @@ int cryptocb_test(void) #endif #ifndef NO_PWDBASED #if defined(HAVE_PBKDF2) && !defined(NO_SHA256) - ret = pbkdf2_test(); - if (ret != 0) - return ret; + if (ret == 0) + ret = pbkdf2_test(); #endif #endif