mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-05 10:50:53 +02:00
fixes from CI testing and peer review:
wolfcrypt/src/tfm.c and wolfssl/wolfcrypt/tfm.h: fix for -Wdiscarded-qualifiers in ecc_check_order_minus_1(). wolfssl/wolfcrypt/types.h: in WC_BARRIER(), use XFENCE() too, for best possible barrier. fixes an ARM32 -Ofast -Wmaybe-uninitialized in blake2s_init_key(). wolfcrypt/src/asn_orig.c: set Stored flag after each allocation of a member that needs it. wolfcrypt/src/signature.c: in wc_SignatureGetSize(), provide for legacy FIPS non-const-arg wc_ecc_sig_size() and wc_RsaEncryptSize().
This commit is contained in:
@@ -3182,6 +3182,7 @@ static int DecodeConstructedOtherName(DecodedCert* cert, const byte* input,
|
||||
ret = MEMORY_E;
|
||||
}
|
||||
else {
|
||||
dnsEntry->nameStored = 1;
|
||||
XMEMCPY((void *)(wc_ptr_t)dnsEntry->name, &input[*idx],
|
||||
(size_t)strLen);
|
||||
((char *)(wc_ptr_t)dnsEntry->name)[strLen] = '\0';
|
||||
@@ -3272,6 +3273,7 @@ static int DecodeAltNames(const byte* input, word32 sz, DecodedCert* cert)
|
||||
XFREE(dnsEntry, cert->heap, DYNAMIC_TYPE_ALTNAME);
|
||||
return MEMORY_E;
|
||||
}
|
||||
dnsEntry->nameStored = 1;
|
||||
dnsEntry->len = strLen;
|
||||
XMEMCPY((void *)(wc_ptr_t)dnsEntry->name, &input[idx],
|
||||
(size_t)strLen);
|
||||
@@ -3317,6 +3319,7 @@ static int DecodeAltNames(const byte* input, word32 sz, DecodedCert* cert)
|
||||
XFREE(dirEntry, cert->heap, DYNAMIC_TYPE_ALTNAME);
|
||||
return MEMORY_E;
|
||||
}
|
||||
dirEntry->nameStored = 1;
|
||||
dirEntry->len = strLen;
|
||||
XMEMCPY((void *)(wc_ptr_t)dirEntry->name, &input[idx],
|
||||
(size_t)strLen);
|
||||
@@ -3346,7 +3349,7 @@ static int DecodeAltNames(const byte* input, word32 sz, DecodedCert* cert)
|
||||
WOLFSSL_MSG("\tOut of Memory");
|
||||
return MEMORY_E;
|
||||
}
|
||||
|
||||
emailEntry->nameStored = 1;
|
||||
emailEntry->type = ASN_RFC822_TYPE;
|
||||
emailEntry->name = (char*)XMALLOC((size_t)strLen + 1, cert->heap,
|
||||
DYNAMIC_TYPE_ALTNAME);
|
||||
@@ -3430,7 +3433,7 @@ static int DecodeAltNames(const byte* input, word32 sz, DecodedCert* cert)
|
||||
WOLFSSL_MSG("\tOut of Memory");
|
||||
return MEMORY_E;
|
||||
}
|
||||
|
||||
uriEntry->nameStored = 1;
|
||||
uriEntry->type = ASN_URI_TYPE;
|
||||
uriEntry->name = (char*)XMALLOC((size_t)strLen + 1, cert->heap,
|
||||
DYNAMIC_TYPE_ALTNAME);
|
||||
@@ -3474,7 +3477,7 @@ static int DecodeAltNames(const byte* input, word32 sz, DecodedCert* cert)
|
||||
WOLFSSL_MSG("\tOut of Memory");
|
||||
return MEMORY_E;
|
||||
}
|
||||
|
||||
ipAddr->nameStored = 1;
|
||||
ipAddr->type = ASN_IP_TYPE;
|
||||
ipAddr->name = (char*)XMALLOC((size_t)strLen + 1, cert->heap,
|
||||
DYNAMIC_TYPE_ALTNAME);
|
||||
@@ -3534,6 +3537,7 @@ static int DecodeAltNames(const byte* input, word32 sz, DecodedCert* cert)
|
||||
XFREE(rid, cert->heap, DYNAMIC_TYPE_ALTNAME);
|
||||
return MEMORY_E;
|
||||
}
|
||||
rid->nameStored = 1;
|
||||
rid->len = strLen;
|
||||
XMEMCPY((void *)(wc_ptr_t)rid->name, &input[idx], strLen);
|
||||
((char *)(wc_ptr_t)rid->name)[strLen] = '\0';
|
||||
|
||||
@@ -95,7 +95,11 @@ int wc_SignatureGetSize(enum wc_SignatureType sig_type,
|
||||
#ifdef HAVE_ECC
|
||||
/* Sanity check that void* key is at least ecc_key in size */
|
||||
if (key_len >= sizeof(ecc_key)) {
|
||||
#if defined(HAVE_SELFTEST) || (defined(HAVE_FIPS) && FIPS_VERSION3_LT(5,0,0))
|
||||
sig_len = wc_ecc_sig_size((ecc_key*)(wc_ptr_t)key);
|
||||
#else
|
||||
sig_len = wc_ecc_sig_size((const ecc_key*)key);
|
||||
#endif
|
||||
}
|
||||
else {
|
||||
WOLFSSL_MSG("wc_SignatureGetSize: Invalid ECC key size");
|
||||
@@ -110,7 +114,11 @@ int wc_SignatureGetSize(enum wc_SignatureType sig_type,
|
||||
#ifndef NO_RSA
|
||||
/* Sanity check that void* key is at least RsaKey in size */
|
||||
if (key_len >= sizeof(RsaKey)) {
|
||||
#if defined(HAVE_SELFTEST) || (defined(HAVE_FIPS) && FIPS_VERSION3_LT(5,0,0))
|
||||
sig_len = wc_RsaEncryptSize((RsaKey*)(wc_ptr_t)key);
|
||||
#else
|
||||
sig_len = wc_RsaEncryptSize((const RsaKey*)key);
|
||||
#endif
|
||||
}
|
||||
else {
|
||||
WOLFSSL_MSG("wc_SignatureGetSize: Invalid RsaKey key size");
|
||||
|
||||
+2
-2
@@ -4540,9 +4540,9 @@ int mp_exptmod_nct (mp_int * G, mp_int * X, mp_int * P, mp_int * Y)
|
||||
|
||||
|
||||
/* compare two ints (signed)*/
|
||||
int mp_cmp (mp_int * a, mp_int * b)
|
||||
int mp_cmp (const mp_int * a, const mp_int * b)
|
||||
{
|
||||
return fp_cmp(a, b);
|
||||
return fp_cmp((mp_int *)a, (mp_int *)b);
|
||||
}
|
||||
|
||||
/* compare a digit */
|
||||
|
||||
@@ -843,7 +843,7 @@ MP_API int mp_2expt(mp_int* a, int b);
|
||||
|
||||
MP_API int mp_div(mp_int * a, mp_int * b, mp_int * c, mp_int * d);
|
||||
|
||||
MP_API int mp_cmp(mp_int *a, mp_int *b);
|
||||
MP_API int mp_cmp(const mp_int *a, const mp_int *b);
|
||||
#define mp_cmp_ct(a, b, n) mp_cmp(a, b)
|
||||
MP_API int mp_cmp_d(mp_int *a, mp_digit b);
|
||||
|
||||
|
||||
@@ -489,7 +489,11 @@ enum {
|
||||
static WC_INLINE WARN_UNUSED_RESULT int WC_WUR_INT(int x) { return x; }
|
||||
#endif
|
||||
|
||||
#define WC_BARRIER() do { volatile byte _xfence = 0; (void)_xfence; } while(0)
|
||||
/* XFENCE() is a no-op on some targets. WC_BARRIER() uses C89 intrinsics as an
|
||||
* additional portable barrier.
|
||||
*/
|
||||
#define WC_BARRIER() do { volatile byte _xfence = 0; (void)_xfence; XFENCE(); \
|
||||
} while(0)
|
||||
|
||||
#ifdef WORD64_AVAILABLE
|
||||
#define WC_MAX_UINT_OF(x) \
|
||||
|
||||
Reference in New Issue
Block a user