Merge pull request #1625 from JacobBarthelmeh/Testing

memory management with test cases
toddouska
2018-06-19 14:41:18 -07:00
committed by GitHub
5 changed files with 126 additions and 73 deletions


@@ -15613,8 +15613,8 @@ WOLFSSL_EVP_PKEY* wolfSSL_X509_get_pubkey(WOLFSSL_X509* x509)
if (wolfSSL_RSA_LoadDer_ex(key->rsa, if (wolfSSL_RSA_LoadDer_ex(key->rsa,
(const unsigned char*)key->pkey.ptr, key->pkey_sz, (const unsigned char*)key->pkey.ptr, key->pkey_sz,
WOLFSSL_RSA_LOAD_PUBLIC) != SSL_SUCCESS) { WOLFSSL_RSA_LOAD_PUBLIC) != SSL_SUCCESS) {
XFREE(key, x509->heap, DYNAMIC_TYPE_PUBLIC_KEY);
wolfSSL_RSA_free(key->rsa); wolfSSL_RSA_free(key->rsa);
XFREE(key, x509->heap, DYNAMIC_TYPE_PUBLIC_KEY);
return NULL; return NULL;
} }
} }
@@ -28654,8 +28654,10 @@ void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl)
return NULL; return NULL;
i = 0; i = 0;
if (wc_PemGetHeaderFooter(CERT_TYPE, NULL, &footer) != 0) if (wc_PemGetHeaderFooter(CERT_TYPE, NULL, &footer) != 0) {
XFREE(pem, 0, DYNAMIC_TYPE_PEM);
return NULL; return NULL;
}
/* TODO: Inefficient /* TODO: Inefficient
* reading in one byte at a time until see "END CERTIFICATE" * reading in one byte at a time until see "END CERTIFICATE"
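Review bot: The error path in wolfSSL_X509_get_pubkey still releases only the `key` struct, although `key->pkey.ptr` is read as the DER source just above; if that buffer is heap-owned by `key` (its allocation is outside the hunk), it leaks here. Releasing the object through its own destructor, `wolfSSL_EVP_PKEY_free(key);`, would cover every member; if that destructor also frees `key->rsa`, the separate `wolfSSL_RSA_free(key->rsa);` must then be dropped to avoid a double free. In the second hunk, `XFREE(pem, 0, DYNAMIC_TYPE_PEM)` passes `0` as the heap hint, which should match the hint used where `pem` is allocated, also outside the hunk. Both functions continue beyond the visible lines.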


@@ -14651,23 +14651,25 @@ static void test_wc_PKCS7_EncodeDecodeEnvelopedData (void)
/* RSA certs and keys. */ /* RSA certs and keys. */
#if defined(USE_CERT_BUFFERS_1024) #if defined(USE_CERT_BUFFERS_1024)
/* Allocate buffer space. */ /* Allocate buffer space. */
rsaCert = (byte*)XMALLOC(ONEK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); AssertNotNull(rsaCert =
(byte*)XMALLOC(ONEK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER));
/* Init buffer. */ /* Init buffer. */
rsaCertSz = (word32)sizeof_client_cert_der_1024; rsaCertSz = (word32)sizeof_client_cert_der_1024;
XMEMCPY(rsaCert, client_cert_der_1024, rsaCertSz); XMEMCPY(rsaCert, client_cert_der_1024, rsaCertSz);
rsaPrivKey = (byte*)XMALLOC(ONEK_BUF, HEAP_HINT, AssertNotNull(rsaPrivKey = (byte*)XMALLOC(ONEK_BUF, HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER); DYNAMIC_TYPE_TMP_BUFFER));
rsaPrivKeySz = (word32)sizeof_client_key_der_1024; rsaPrivKeySz = (word32)sizeof_client_key_der_1024;
XMEMCPY(rsaPrivKey, client_key_der_1024, rsaPrivKeySz); XMEMCPY(rsaPrivKey, client_key_der_1024, rsaPrivKeySz);
#elif defined(USE_CERT_BUFFERS_2048) #elif defined(USE_CERT_BUFFERS_2048)
/* Allocate buffer */ /* Allocate buffer */
rsaCert = (byte*)XMALLOC(TWOK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); AssertNotNull(rsaCert =
(byte*)XMALLOC(TWOK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER));
/* Init buffer. */ /* Init buffer. */
rsaCertSz = (word32)sizeof_client_cert_der_2048; rsaCertSz = (word32)sizeof_client_cert_der_2048;
XMEMCPY(rsaCert, client_cert_der_2048, rsaCertSz); XMEMCPY(rsaCert, client_cert_der_2048, rsaCertSz);
rsaPrivKey = (byte*)XMALLOC(TWOK_BUF, HEAP_HINT, AssertNotNull(rsaPrivKey = (byte*)XMALLOC(TWOK_BUF, HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER); DYNAMIC_TYPE_TMP_BUFFER));
rsaPrivKeySz = (word32)sizeof_client_key_der_2048; rsaPrivKeySz = (word32)sizeof_client_key_der_2048;
XMEMCPY(rsaPrivKey, client_key_der_2048, rsaPrivKeySz); XMEMCPY(rsaPrivKey, client_key_der_2048, rsaPrivKeySz);
@@ -14676,13 +14678,14 @@ static void test_wc_PKCS7_EncodeDecodeEnvelopedData (void)
certFile = fopen(rsaClientCert, "rb"); certFile = fopen(rsaClientCert, "rb");
AssertNotNull(certFile); AssertNotNull(certFile);
rsaCertSz = (word32)FOURK_BUF; rsaCertSz = (word32)FOURK_BUF;
rsaCert = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); AssertNotNull(rsaCert =
(byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER));
rsaCertSz = (word32)fread(rsaCert, 1, rsaCertSz, certFile); rsaCertSz = (word32)fread(rsaCert, 1, rsaCertSz, certFile);
fclose(certFile); fclose(certFile);
keyFile = fopen(rsaClientKey, "rb"); keyFile = fopen(rsaClientKey, "rb");
AssertNotNull(keyFile); AssertNotNull(keyFile);
rsaPrivKey = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, AssertNotNull(rsaPrivKey = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER); DYNAMIC_TYPE_TMP_BUFFER));
rsaPrivKeySz = (word32)FOURK_BUF; rsaPrivKeySz = (word32)FOURK_BUF;
rsaPrivKeySz = (word32)fread(rsaPrivKey, 1, rsaPrivKeySz, keyFile); rsaPrivKeySz = (word32)fread(rsaPrivKey, 1, rsaPrivKeySz, keyFile);
fclose(keyFile); fclose(keyFile);
@@ -14694,26 +14697,28 @@ static void test_wc_PKCS7_EncodeDecodeEnvelopedData (void)
!defined(NO_SHA256) || !defined(NO_SHA512))) !defined(NO_SHA256) || !defined(NO_SHA512)))
#ifdef USE_CERT_BUFFERS_256 #ifdef USE_CERT_BUFFERS_256
eccCert = (byte*)XMALLOC(TWOK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); AssertNotNull(eccCert =
(byte*)XMALLOC(TWOK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER));
/* Init buffer. */ /* Init buffer. */
eccCertSz = (word32)sizeof_cliecc_cert_der_256; eccCertSz = (word32)sizeof_cliecc_cert_der_256;
XMEMCPY(eccCert, cliecc_cert_der_256, eccCertSz); XMEMCPY(eccCert, cliecc_cert_der_256, eccCertSz);
eccPrivKey = (byte*)XMALLOC(TWOK_BUF, HEAP_HINT, AssertNotNull(eccPrivKey = (byte*)XMALLOC(TWOK_BUF, HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER); DYNAMIC_TYPE_TMP_BUFFER));
eccPrivKeySz = (word32)sizeof_ecc_clikey_der_256; eccPrivKeySz = (word32)sizeof_ecc_clikey_der_256;
XMEMCPY(eccPrivKey, ecc_clikey_der_256, eccPrivKeySz); XMEMCPY(eccPrivKey, ecc_clikey_der_256, eccPrivKeySz);
#else /* File system. */ #else /* File system. */
certFile = fopen(eccClientCert, "rb"); certFile = fopen(eccClientCert, "rb");
AssertNotNull(certFile); AssertNotNull(certFile);
eccCertSz = (word32)FOURK_BUF; eccCertSz = (word32)FOURK_BUF;
eccCert = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); AssertNotNull(eccCert =
(byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER));
eccCertSz = (word32)fread(eccCert, 1, eccCertSz, certFile); eccCertSz = (word32)fread(eccCert, 1, eccCertSz, certFile);
fclose(certFile); fclose(certFile);
keyFile = fopen(eccClientKey, "rb"); keyFile = fopen(eccClientKey, "rb");
AssertNotNull(keyFile); AssertNotNull(keyFile);
eccPrivKeySz = (word32)FOURK_BUF; eccPrivKeySz = (word32)FOURK_BUF;
eccPrivKey = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, AssertNotNull(eccPrivKey = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER); DYNAMIC_TYPE_TMP_BUFFER));
eccPrivKeySz = (word32)fread(eccPrivKey, 1, eccPrivKeySz, keyFile); eccPrivKeySz = (word32)fread(eccPrivKey, 1, eccPrivKeySz, keyFile);
fclose(keyFile); fclose(keyFile);
#endif /* USE_CERT_BUFFERS_256 */ #endif /* USE_CERT_BUFFERS_256 */
@@ -18654,14 +18659,16 @@ static void test_wolfSSL_ASN1_TIME_to_generalizedtime(void){
printf(testingFmt, "wolfSSL_ASN1_TIME_to_generalizedtime()"); printf(testingFmt, "wolfSSL_ASN1_TIME_to_generalizedtime()");
/* UTC Time test */ /* UTC Time test */
t = (WOLFSSL_ASN1_TIME*)XMALLOC(sizeof(WOLFSSL_ASN1_TIME), NULL, DYNAMIC_TYPE_TMP_BUFFER); AssertNotNull(t = (WOLFSSL_ASN1_TIME*)XMALLOC(sizeof(WOLFSSL_ASN1_TIME),
NULL, DYNAMIC_TYPE_TMP_BUFFER));
XMEMSET(t->data, 0, ASN_GENERALIZED_TIME_SIZE); XMEMSET(t->data, 0, ASN_GENERALIZED_TIME_SIZE);
out = (WOLFSSL_ASN1_TIME*)XMALLOC(sizeof(WOLFSSL_ASN1_TIME), NULL, DYNAMIC_TYPE_TMP_BUFFER); AssertNotNull(out = (WOLFSSL_ASN1_TIME*)XMALLOC(sizeof(WOLFSSL_ASN1_TIME),
NULL, DYNAMIC_TYPE_TMP_BUFFER));
t->data[0] = ASN_UTC_TIME; t->data[0] = ASN_UTC_TIME;
t->data[1] = ASN_UTC_TIME_SIZE; t->data[1] = ASN_UTC_TIME_SIZE;
XMEMCPY(t->data + 2,"050727123456Z",ASN_UTC_TIME_SIZE); XMEMCPY(t->data + 2,"050727123456Z",ASN_UTC_TIME_SIZE);
gtime = wolfSSL_ASN1_TIME_to_generalizedtime(t, &out); AssertNotNull(gtime = wolfSSL_ASN1_TIME_to_generalizedtime(t, &out));
AssertIntEQ(gtime->data[0], ASN_GENERALIZED_TIME); AssertIntEQ(gtime->data[0], ASN_GENERALIZED_TIME);
AssertIntEQ(gtime->data[1], ASN_GENERALIZED_TIME_SIZE); AssertIntEQ(gtime->data[1], ASN_GENERALIZED_TIME_SIZE);
AssertStrEQ((char*)gtime->data + 2, "20050727123456Z"); AssertStrEQ((char*)gtime->data + 2, "20050727123456Z");
@@ -18673,7 +18680,7 @@ static void test_wolfSSL_ASN1_TIME_to_generalizedtime(void){
t->data[0] = ASN_GENERALIZED_TIME; t->data[0] = ASN_GENERALIZED_TIME;
t->data[1] = ASN_GENERALIZED_TIME_SIZE; t->data[1] = ASN_GENERALIZED_TIME_SIZE;
XMEMCPY(t->data + 2,"20050727123456Z",ASN_GENERALIZED_TIME_SIZE); XMEMCPY(t->data + 2,"20050727123456Z",ASN_GENERALIZED_TIME_SIZE);
gtime = wolfSSL_ASN1_TIME_to_generalizedtime(t, &out); AssertNotNull(gtime = wolfSSL_ASN1_TIME_to_generalizedtime(t, &out));
AssertIntEQ(gtime->data[0], ASN_GENERALIZED_TIME); AssertIntEQ(gtime->data[0], ASN_GENERALIZED_TIME);
AssertIntEQ(gtime->data[1], ASN_GENERALIZED_TIME_SIZE); AssertIntEQ(gtime->data[1], ASN_GENERALIZED_TIME_SIZE);
AssertStrEQ((char*)gtime->data + 2, "20050727123456Z"); AssertStrEQ((char*)gtime->data + 2, "20050727123456Z");
@@ -19757,7 +19764,8 @@ static void test_wolfSSL_i2c_ASN1_INTEGER()
a->intData[2] = 40; a->intData[2] = 40;
ret = wolfSSL_i2c_ASN1_INTEGER(a, NULL); ret = wolfSSL_i2c_ASN1_INTEGER(a, NULL);
AssertIntEQ(ret, 1); AssertIntEQ(ret, 1);
pp = (unsigned char*)XMALLOC(ret + 1, NULL, DYNAMIC_TYPE_TMP_BUFFER); AssertNotNull(pp = (unsigned char*)XMALLOC(ret + 1, NULL,
DYNAMIC_TYPE_TMP_BUFFER));
tpp = pp; tpp = pp;
XMEMSET(pp, 0, ret + 1); XMEMSET(pp, 0, ret + 1);
wolfSSL_i2c_ASN1_INTEGER(a, &pp); wolfSSL_i2c_ASN1_INTEGER(a, &pp);
@@ -19771,7 +19779,8 @@ static void test_wolfSSL_i2c_ASN1_INTEGER()
a->intData[2] = 128; a->intData[2] = 128;
ret = wolfSSL_i2c_ASN1_INTEGER(a, NULL); ret = wolfSSL_i2c_ASN1_INTEGER(a, NULL);
AssertIntEQ(ret, 2); AssertIntEQ(ret, 2);
pp = (unsigned char*)XMALLOC(ret + 1, NULL, DYNAMIC_TYPE_TMP_BUFFER); AssertNotNull(pp = (unsigned char*)XMALLOC(ret + 1, NULL,
DYNAMIC_TYPE_TMP_BUFFER));
tpp = pp; tpp = pp;
XMEMSET(pp, 0, ret + 1); XMEMSET(pp, 0, ret + 1);
wolfSSL_i2c_ASN1_INTEGER(a, &pp); wolfSSL_i2c_ASN1_INTEGER(a, &pp);
@@ -19787,7 +19796,8 @@ static void test_wolfSSL_i2c_ASN1_INTEGER()
a->negative = 1; a->negative = 1;
ret = wolfSSL_i2c_ASN1_INTEGER(a, NULL); ret = wolfSSL_i2c_ASN1_INTEGER(a, NULL);
AssertIntEQ(ret, 1); AssertIntEQ(ret, 1);
pp = (unsigned char*)XMALLOC(ret + 1, NULL, DYNAMIC_TYPE_TMP_BUFFER); AssertNotNull(pp = (unsigned char*)XMALLOC(ret + 1, NULL,
DYNAMIC_TYPE_TMP_BUFFER));
tpp = pp; tpp = pp;
XMEMSET(pp, 0, ret + 1); XMEMSET(pp, 0, ret + 1);
wolfSSL_i2c_ASN1_INTEGER(a, &pp); wolfSSL_i2c_ASN1_INTEGER(a, &pp);
@@ -19802,7 +19812,8 @@ static void test_wolfSSL_i2c_ASN1_INTEGER()
a->negative = 1; a->negative = 1;
ret = wolfSSL_i2c_ASN1_INTEGER(a, NULL); ret = wolfSSL_i2c_ASN1_INTEGER(a, NULL);
AssertIntEQ(ret, 1); AssertIntEQ(ret, 1);
pp = (unsigned char*)XMALLOC(ret + 1, NULL, DYNAMIC_TYPE_TMP_BUFFER); AssertNotNull(pp = (unsigned char*)XMALLOC(ret + 1, NULL,
DYNAMIC_TYPE_TMP_BUFFER));
tpp = pp; tpp = pp;
XMEMSET(pp, 0, ret + 1); XMEMSET(pp, 0, ret + 1);
wolfSSL_i2c_ASN1_INTEGER(a, &pp); wolfSSL_i2c_ASN1_INTEGER(a, &pp);
@@ -19817,7 +19828,8 @@ static void test_wolfSSL_i2c_ASN1_INTEGER()
a->negative = 1; a->negative = 1;
ret = wolfSSL_i2c_ASN1_INTEGER(a, NULL); ret = wolfSSL_i2c_ASN1_INTEGER(a, NULL);
AssertIntEQ(ret, 2); AssertIntEQ(ret, 2);
pp = (unsigned char*)XMALLOC(ret + 1, NULL, DYNAMIC_TYPE_TMP_BUFFER); AssertNotNull(pp = (unsigned char*)XMALLOC(ret + 1, NULL,
DYNAMIC_TYPE_TMP_BUFFER));
tpp = pp; tpp = pp;
XMEMSET(pp, 0, ret + 1); XMEMSET(pp, 0, ret + 1);
wolfSSL_i2c_ASN1_INTEGER(a, &pp); wolfSSL_i2c_ASN1_INTEGER(a, &pp);
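Review bot: The new checks fold the allocation into the assertion argument, e.g. `AssertNotNull(rsaCert = (byte*)XMALLOC(...))`, while the same test asserts its file handles in two steps (`certFile = fopen(rsaClientCert, "rb");` then `AssertNotNull(certFile);`). The Assert macros are defined outside this page; if one evaluates its argument more than once, or is ever compiled out, the allocation would run twice or not at all. Writing `rsaCert = (byte*)XMALLOC(ONEK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);` followed by `AssertNotNull(rsaCert);` keeps the side effect out of the macro and matches the fopen style. The same applies to the `rsaPrivKey`, `eccCert`, `eccPrivKey`, `t`, `out`, `gtime` and `pp` sites in the other hunks of this file.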


@@ -10885,8 +10885,11 @@ static int SignCert(int requestSz, int sType, byte* buffer, word32 buffSz,
sigSz = MakeSignature(certSignCtx, buffer, requestSz, certSignCtx->sig, sigSz = MakeSignature(certSignCtx, buffer, requestSz, certSignCtx->sig,
MAX_ENCODED_SIG_SZ, rsaKey, eccKey, ed25519Key, rng, sType, heap); MAX_ENCODED_SIG_SZ, rsaKey, eccKey, ed25519Key, rng, sType, heap);
if (sigSz == WC_PENDING_E) if (sigSz == WC_PENDING_E) {
/* Not free'ing certSignCtx->sig here because it could still be in use
* with async operations. */
return sigSz; return sigSz;
}
if (sigSz >= 0) { if (sigSz >= 0) {
if (requestSz + MAX_SEQ_SZ * 2 + sigSz > (int)buffSz) if (requestSz + MAX_SEQ_SZ * 2 + sigSz > (int)buffSz)
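Review bot: The added comment in SignCert explains why `certSignCtx->sig` is kept on `WC_PENDING_E` but not which path releases it afterwards. As far as this hunk shows, a caller that abandons the pending operation instead of re-entering would leave the buffer allocated. I would extend the comment to name the owner, for example `/* sig stays allocated while the async operation is pending; it is released on the re-entry that completes or fails the signature */`, after confirming that against the rest of the function, which continues outside the hunk.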


@@ -5047,6 +5047,7 @@ int wc_PKCS7_DecodeEncryptedData(PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz,
/* go back and check the version now that attribs have been processed */ /* go back and check the version now that attribs have been processed */
if ((haveAttribs == 0 && version != 0) || if ((haveAttribs == 0 && version != 0) ||
(haveAttribs == 1 && version != 2) ) { (haveAttribs == 1 && version != 2) ) {
XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
WOLFSSL_MSG("Wrong PKCS#7 EncryptedData version"); WOLFSSL_MSG("Wrong PKCS#7 EncryptedData version");
return ASN_VERSION_E; return ASN_VERSION_E;
} }
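Review bot: The new `XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);` on the wrong-version path frees the buffer without clearing it. The version check runs after the attributes have been processed, so the buffer may already hold decrypted content at this point; the decryption step is outside the hunk, so this is inferred. If it does, wipe it first with `ForceZero(encryptedContent, <length of encryptedContent>);` ahead of the `XFREE`. It is also worth checking whether plaintext has already been copied to the caller's output buffer by the time `ASN_VERSION_E` is returned.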


@@ -13009,8 +13009,8 @@ int openssl_test(void)
int openSSL_evpMD_test(void) int openSSL_evpMD_test(void)
{ {
int ret = 0;
#if !defined(NO_SHA256) && !defined(NO_SHA) #if !defined(NO_SHA256) && !defined(NO_SHA)
int ret ;
WOLFSSL_EVP_MD_CTX* ctx; WOLFSSL_EVP_MD_CTX* ctx;
WOLFSSL_EVP_MD_CTX* ctx2; WOLFSSL_EVP_MD_CTX* ctx2;
@@ -13019,45 +13019,56 @@ int openSSL_evpMD_test(void)
ret = EVP_DigestInit(ctx, EVP_sha256()); ret = EVP_DigestInit(ctx, EVP_sha256());
if (ret != SSL_SUCCESS) { if (ret != SSL_SUCCESS) {
return -7600; ret = -7600;
goto openSSL_evpMD_test_done;
} }
ret = EVP_MD_CTX_copy(ctx2, ctx); ret = EVP_MD_CTX_copy(ctx2, ctx);
if (ret != SSL_SUCCESS) { if (ret != SSL_SUCCESS) {
return -7601; ret = -7601;
goto openSSL_evpMD_test_done;
} }
if (EVP_MD_type(EVP_sha256()) != EVP_MD_CTX_type(ctx2)) { if (EVP_MD_type(EVP_sha256()) != EVP_MD_CTX_type(ctx2)) {
return -7602; ret = -7602;
goto openSSL_evpMD_test_done;
} }
ret = EVP_DigestInit(ctx, EVP_sha1()); ret = EVP_DigestInit(ctx, EVP_sha1());
if (ret != SSL_SUCCESS) { if (ret != SSL_SUCCESS) {
return -7603; ret = -7603;
goto openSSL_evpMD_test_done;
} }
if (EVP_MD_type(EVP_sha256()) != EVP_MD_CTX_type(ctx2)) { if (EVP_MD_type(EVP_sha256()) != EVP_MD_CTX_type(ctx2)) {
return -7604; ret = -7604;
goto openSSL_evpMD_test_done;
} }
ret = EVP_MD_CTX_copy_ex(ctx2, ctx); ret = EVP_MD_CTX_copy_ex(ctx2, ctx);
if (ret != SSL_SUCCESS) { if (ret != SSL_SUCCESS) {
return -7605; ret = -7605;
goto openSSL_evpMD_test_done;
} }
if (EVP_MD_type(EVP_sha256()) == EVP_MD_CTX_type(ctx2)) { if (EVP_MD_type(EVP_sha256()) == EVP_MD_CTX_type(ctx2)) {
return -7606; ret = -7606;
goto openSSL_evpMD_test_done;
} }
if (EVP_MD_type(EVP_sha1()) != EVP_MD_CTX_type(ctx2)) { if (EVP_MD_type(EVP_sha1()) != EVP_MD_CTX_type(ctx2)) {
return -7607; ret = -7607;
goto openSSL_evpMD_test_done;
} }
ret = 0; /* got to success state without jumping to end with a fail */
openSSL_evpMD_test_done:
EVP_MD_CTX_destroy(ctx); EVP_MD_CTX_destroy(ctx);
EVP_MD_CTX_destroy(ctx2); EVP_MD_CTX_destroy(ctx2);
#endif /* NO_SHA256 */ #endif /* NO_SHA256 */
return 0; return ret;
} }
#ifdef DEBUG_SIGN #ifdef DEBUG_SIGN
@@ -13078,19 +13089,19 @@ static void show(const char *title, const char *p, unsigned int s) {
#define ERR_BASE_PKEY -5000 #define ERR_BASE_PKEY -5000
int openssl_pkey0_test(void) int openssl_pkey0_test(void)
{ {
int ret = 0;
#if !defined(NO_RSA) && !defined(HAVE_USER_RSA) && !defined(NO_SHA) #if !defined(NO_RSA) && !defined(HAVE_USER_RSA) && !defined(NO_SHA)
byte* prvTmp; byte* prvTmp;
byte* pubTmp; byte* pubTmp;
int prvBytes; int prvBytes;
int pubBytes; int pubBytes;
RSA *prvRsa; RSA *prvRsa = NULL;
RSA *pubRsa; RSA *pubRsa = NULL;
EVP_PKEY *prvPkey; EVP_PKEY *prvPkey = NULL;
EVP_PKEY *pubPkey; EVP_PKEY *pubPkey = NULL;
EVP_PKEY_CTX *enc; EVP_PKEY_CTX *enc = NULL;
EVP_PKEY_CTX *dec; EVP_PKEY_CTX *dec = NULL;
int ret;
byte in[] = "Everyone gets Friday off."; byte in[] = "Everyone gets Friday off.";
byte out[256]; byte out[256];
size_t outlen; size_t outlen;
@@ -13107,8 +13118,10 @@ int openssl_pkey0_test(void)
if (prvTmp == NULL) if (prvTmp == NULL)
return ERR_BASE_PKEY-1; return ERR_BASE_PKEY-1;
pubTmp = (byte*)XMALLOC(FOURK_BUFF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); pubTmp = (byte*)XMALLOC(FOURK_BUFF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
if (pubTmp == NULL) if (pubTmp == NULL) {
XFREE(prvTmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER);
return ERR_BASE_PKEY-2; return ERR_BASE_PKEY-2;
}
#ifdef USE_CERT_BUFFERS_1024 #ifdef USE_CERT_BUFFERS_1024
XMEMCPY(prvTmp, client_key_der_1024, sizeof_client_key_der_1024); XMEMCPY(prvTmp, client_key_der_1024, sizeof_client_key_der_1024);
@@ -13123,41 +13136,46 @@ int openssl_pkey0_test(void)
#else #else
keyFile = fopen(cliKey, "rb"); keyFile = fopen(cliKey, "rb");
if (!keyFile) { if (!keyFile) {
XFREE(prvTmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER);
XFREE(pubTmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER);
err_sys("can't open ./certs/client-key.der, " err_sys("can't open ./certs/client-key.der, "
"Please run from wolfSSL home dir", ERR_BASE_PKEY-3); "Please run from wolfSSL home dir", ERR_BASE_PKEY-3);
XFREE(prvTmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER);
return ERR_BASE_PKEY-3; return ERR_BASE_PKEY-3;
} }
prvBytes = (int)fread(prvTmp, 1, (int)FOURK_BUFF, keyFile); prvBytes = (int)fread(prvTmp, 1, (int)FOURK_BUFF, keyFile);
fclose(keyFile); fclose(keyFile);
keypubFile = fopen(cliKeypub, "rb"); keypubFile = fopen(cliKeypub, "rb");
if (!keypubFile) { if (!keypubFile) {
XFREE(prvTmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER);
XFREE(pubTmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER);
err_sys("can't open ./certs/client-cert.der, " err_sys("can't open ./certs/client-cert.der, "
"Please run from wolfSSL home dir", -4); "Please run from wolfSSL home dir", -4);
XFREE(pubTmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER);
return ERR_BASE_PKEY-4; return ERR_BASE_PKEY-4;
} }
pubBytes = (int)fread(pubTmp, 1, (int)FOURK_BUFF, keypubFile); pubBytes = (int)fread(pubTmp, 1, (int)FOURK_BUFF, keypubFile);
fclose(keypubFile); fclose(keypubFile);
#endif /* USE_CERT_BUFFERS */ #endif /* USE_CERT_BUFFERS */
prvRsa = wolfSSL_RSA_new(); prvRsa = wolfSSL_RSA_new();
pubRsa = wolfSSL_RSA_new(); pubRsa = wolfSSL_RSA_new();
if((prvRsa == NULL) || (pubRsa == NULL)){ if((prvRsa == NULL) || (pubRsa == NULL)){
printf("error with RSA_new\n"); printf("error with RSA_new\n");
return ERR_BASE_PKEY-10; ret = ERR_BASE_PKEY-10;
goto openssl_pkey0_test_done;
} }
ret = wolfSSL_RSA_LoadDer_ex(prvRsa, prvTmp, prvBytes, WOLFSSL_RSA_LOAD_PRIVATE); ret = wolfSSL_RSA_LoadDer_ex(prvRsa, prvTmp, prvBytes, WOLFSSL_RSA_LOAD_PRIVATE);
if(ret != SSL_SUCCESS){ if(ret != SSL_SUCCESS){
printf("error with RSA_LoadDer_ex\n"); printf("error with RSA_LoadDer_ex\n");
return ERR_BASE_PKEY-11; ret = ERR_BASE_PKEY-11;
goto openssl_pkey0_test_done;
} }
ret = wolfSSL_RSA_LoadDer_ex(pubRsa, pubTmp, pubBytes, WOLFSSL_RSA_LOAD_PUBLIC); ret = wolfSSL_RSA_LoadDer_ex(pubRsa, pubTmp, pubBytes, WOLFSSL_RSA_LOAD_PUBLIC);
if(ret != SSL_SUCCESS){ if(ret != SSL_SUCCESS){
printf("error with RSA_LoadDer_ex\n"); printf("error with RSA_LoadDer_ex\n");
return ERR_BASE_PKEY-12; ret = ERR_BASE_PKEY-12;
goto openssl_pkey0_test_done;
} }
keySz = (size_t)RSA_size(pubRsa); keySz = (size_t)RSA_size(pubRsa);
@@ -13165,37 +13183,43 @@ int openssl_pkey0_test(void)
pubPkey = wolfSSL_PKEY_new(); pubPkey = wolfSSL_PKEY_new();
if((prvPkey == NULL) || (pubPkey == NULL)){ if((prvPkey == NULL) || (pubPkey == NULL)){
printf("error with PKEY_new\n"); printf("error with PKEY_new\n");
return ERR_BASE_PKEY-13; ret = ERR_BASE_PKEY-13;
goto openssl_pkey0_test_done;
} }
ret = wolfSSL_EVP_PKEY_set1_RSA(prvPkey, prvRsa); ret = wolfSSL_EVP_PKEY_set1_RSA(prvPkey, prvRsa);
ret += wolfSSL_EVP_PKEY_set1_RSA(pubPkey, pubRsa); ret += wolfSSL_EVP_PKEY_set1_RSA(pubPkey, pubRsa);
if(ret != 2){ if(ret != 2){
printf("error with PKEY_set1_RSA\n"); printf("error with PKEY_set1_RSA\n");
return ERR_BASE_PKEY-14; ret = ERR_BASE_PKEY-14;
goto openssl_pkey0_test_done;
} }
dec = EVP_PKEY_CTX_new(prvPkey, NULL); dec = EVP_PKEY_CTX_new(prvPkey, NULL);
enc = EVP_PKEY_CTX_new(pubPkey, NULL); enc = EVP_PKEY_CTX_new(pubPkey, NULL);
if((dec == NULL)||(enc==NULL)){ if((dec == NULL)||(enc==NULL)){
printf("error with EVP_PKEY_CTX_new\n"); printf("error with EVP_PKEY_CTX_new\n");
return ERR_BASE_PKEY-15; ret = ERR_BASE_PKEY-15;
goto openssl_pkey0_test_done;
} }
ret = EVP_PKEY_decrypt_init(dec); ret = EVP_PKEY_decrypt_init(dec);
if (ret != 1) { if (ret != 1) {
printf("error with decrypt init\n"); printf("error with decrypt init\n");
return ERR_BASE_PKEY-16; ret = ERR_BASE_PKEY-16;
goto openssl_pkey0_test_done;
} }
ret = EVP_PKEY_encrypt_init(enc); ret = EVP_PKEY_encrypt_init(enc);
if (ret != 1) { if (ret != 1) {
printf("error with encrypt init\n"); printf("error with encrypt init\n");
return ERR_BASE_PKEY-17; ret = ERR_BASE_PKEY-17;
goto openssl_pkey0_test_done;
} }
XMEMSET(out, 0, sizeof(out)); XMEMSET(out, 0, sizeof(out));
ret = EVP_PKEY_encrypt(enc, out, &outlen, in, sizeof(in)); ret = EVP_PKEY_encrypt(enc, out, &outlen, in, sizeof(in));
if (ret != 1) { if (ret != 1) {
printf("error encrypting msg\n"); printf("error encrypting msg\n");
return ERR_BASE_PKEY-18; ret = ERR_BASE_PKEY-18;
goto openssl_pkey0_test_done;
} }
show("encrypted msg", out, outlen); show("encrypted msg", out, outlen);
@@ -13204,7 +13228,8 @@ int openssl_pkey0_test(void)
ret = EVP_PKEY_decrypt(dec, plain, &outlen, out, keySz); ret = EVP_PKEY_decrypt(dec, plain, &outlen, out, keySz);
if (ret != 1) { if (ret != 1) {
printf("error decrypting msg\n"); printf("error decrypting msg\n");
return ERR_BASE_PKEY-19; ret = ERR_BASE_PKEY-19;
goto openssl_pkey0_test_done;
} }
show("decrypted msg", plain, outlen); show("decrypted msg", plain, outlen);
@@ -13212,28 +13237,33 @@ int openssl_pkey0_test(void)
ret = EVP_PKEY_decrypt_init(dec); ret = EVP_PKEY_decrypt_init(dec);
if (ret != 1) { if (ret != 1) {
printf("error with decrypt init\n"); printf("error with decrypt init\n");
return ERR_BASE_PKEY-30; ret = ERR_BASE_PKEY-30;
goto openssl_pkey0_test_done;
} }
ret = EVP_PKEY_encrypt_init(enc); ret = EVP_PKEY_encrypt_init(enc);
if (ret != 1) { if (ret != 1) {
printf("error with encrypt init\n"); printf("error with encrypt init\n");
return ERR_BASE_PKEY-31; ret = ERR_BASE_PKEY-31;
goto openssl_pkey0_test_done;
} }
if (EVP_PKEY_CTX_set_rsa_padding(dec, RSA_PKCS1_PADDING) <= 0) { if (EVP_PKEY_CTX_set_rsa_padding(dec, RSA_PKCS1_PADDING) <= 0) {
printf("first set rsa padding error\n"); printf("first set rsa padding error\n");
return ERR_BASE_PKEY-32; ret = ERR_BASE_PKEY-32;
goto openssl_pkey0_test_done;
} }
#ifndef HAVE_FIPS #ifndef HAVE_FIPS
if (EVP_PKEY_CTX_set_rsa_padding(dec, RSA_PKCS1_OAEP_PADDING) <= 0){ if (EVP_PKEY_CTX_set_rsa_padding(dec, RSA_PKCS1_OAEP_PADDING) <= 0){
printf("second set rsa padding error\n"); printf("second set rsa padding error\n");
return ERR_BASE_PKEY-33; ret = ERR_BASE_PKEY-33;
goto openssl_pkey0_test_done;
} }
if (EVP_PKEY_CTX_set_rsa_padding(enc, RSA_PKCS1_OAEP_PADDING) <= 0) { if (EVP_PKEY_CTX_set_rsa_padding(enc, RSA_PKCS1_OAEP_PADDING) <= 0) {
printf("third set rsa padding error\n"); printf("third set rsa padding error\n");
return ERR_BASE_PKEY-34; ret = ERR_BASE_PKEY-34;
goto openssl_pkey0_test_done;
} }
#endif #endif
@@ -13241,7 +13271,8 @@ int openssl_pkey0_test(void)
ret = EVP_PKEY_encrypt(enc, out, &outlen, in, sizeof(in)); ret = EVP_PKEY_encrypt(enc, out, &outlen, in, sizeof(in));
if (ret != 1) { if (ret != 1) {
printf("error encrypting msg\n"); printf("error encrypting msg\n");
return ERR_BASE_PKEY-35; ret = ERR_BASE_PKEY-35;
goto openssl_pkey0_test_done;
} }
show("encrypted msg", out, outlen); show("encrypted msg", out, outlen);
@@ -13250,11 +13281,15 @@ int openssl_pkey0_test(void)
ret = EVP_PKEY_decrypt(dec, plain, &outlen, out, keySz); ret = EVP_PKEY_decrypt(dec, plain, &outlen, out, keySz);
if (ret != 1) { if (ret != 1) {
printf("error decrypting msg\n"); printf("error decrypting msg\n");
return ERR_BASE_PKEY-36; ret = ERR_BASE_PKEY-36;
goto openssl_pkey0_test_done;
} }
show("decrypted msg", plain, outlen); show("decrypted msg", plain, outlen);
ret = 0; /* made it to this point without error then set success */
openssl_pkey0_test_done:
wolfSSL_RSA_free(prvRsa); wolfSSL_RSA_free(prvRsa);
wolfSSL_RSA_free(pubRsa); wolfSSL_RSA_free(pubRsa);
EVP_PKEY_free(pubPkey); EVP_PKEY_free(pubPkey);
@@ -13265,8 +13300,7 @@ int openssl_pkey0_test(void)
XFREE(pubTmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pubTmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
#endif /* NO_RSA */ #endif /* NO_RSA */
return 0; return ret;
} }
@@ -13467,9 +13501,10 @@ int openssl_evpSig_test()
#else #else
keyFile = fopen(cliKey, "rb"); keyFile = fopen(cliKey, "rb");
if (!keyFile) { if (!keyFile) {
XFREE(pubTmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER);
XFREE(prvTmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER);
err_sys("can't open ./certs/client-key.der, " err_sys("can't open ./certs/client-key.der, "
"Please run from wolfSSL home dir", -40); "Please run from wolfSSL home dir", -40);
XFREE(prvTmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER);
return ERR_BASE_EVPSIG-3; return ERR_BASE_EVPSIG-3;
} }
prvBytes = (int)fread(prvTmp, 1, (int)FOURK_BUFF, keyFile); prvBytes = (int)fread(prvTmp, 1, (int)FOURK_BUFF, keyFile);
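Review bot: openssl_pkey0_test ends up with two cleanup styles: failures after `wolfSSL_RSA_new()` jump to `openssl_pkey0_test_done`, but the `pubTmp == NULL` branch and both `fopen` failure branches carry their own `XFREE` calls and return directly. Declaring `byte* prvTmp = NULL;` and `byte* pubTmp = NULL;` and replacing those returns with `ret = ERR_BASE_PKEY-2; goto openssl_pkey0_test_done;` (and the matching codes) would leave a single release site, provided the frees under the label accept NULL; the label's body is only partly visible here. The `fopen` failure branch in openssl_evpSig_test repeats the same `XFREE` pair and could follow the same pattern. Separately, `prvBytes = (int)fread(...)` and `pubBytes` are still passed on without a check for a short or empty read.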