diff --git a/wolfcrypt/src/asn_orig.c b/wolfcrypt/src/asn_orig.c index 3b476bb46c..9ecb821d3a 100644 --- a/wolfcrypt/src/asn_orig.c +++ b/wolfcrypt/src/asn_orig.c @@ -3182,6 +3182,7 @@ static int DecodeConstructedOtherName(DecodedCert* cert, const byte* input, ret = MEMORY_E; } else { + dnsEntry->nameStored = 1; XMEMCPY((void *)(wc_ptr_t)dnsEntry->name, &input[*idx], (size_t)strLen); ((char *)(wc_ptr_t)dnsEntry->name)[strLen] = '\0'; @@ -3272,6 +3273,7 @@ static int DecodeAltNames(const byte* input, word32 sz, DecodedCert* cert) XFREE(dnsEntry, cert->heap, DYNAMIC_TYPE_ALTNAME); return MEMORY_E; } + dnsEntry->nameStored = 1; dnsEntry->len = strLen; XMEMCPY((void *)(wc_ptr_t)dnsEntry->name, &input[idx], (size_t)strLen); @@ -3317,6 +3319,7 @@ static int DecodeAltNames(const byte* input, word32 sz, DecodedCert* cert) XFREE(dirEntry, cert->heap, DYNAMIC_TYPE_ALTNAME); return MEMORY_E; } + dirEntry->nameStored = 1; dirEntry->len = strLen; XMEMCPY((void *)(wc_ptr_t)dirEntry->name, &input[idx], (size_t)strLen); @@ -3346,7 +3349,7 @@ static int DecodeAltNames(const byte* input, word32 sz, DecodedCert* cert) WOLFSSL_MSG("\tOut of Memory"); return MEMORY_E; } - + emailEntry->nameStored = 1; emailEntry->type = ASN_RFC822_TYPE; emailEntry->name = (char*)XMALLOC((size_t)strLen + 1, cert->heap, DYNAMIC_TYPE_ALTNAME); @@ -3430,7 +3433,7 @@ static int DecodeAltNames(const byte* input, word32 sz, DecodedCert* cert) WOLFSSL_MSG("\tOut of Memory"); return MEMORY_E; } - + uriEntry->nameStored = 1; uriEntry->type = ASN_URI_TYPE; uriEntry->name = (char*)XMALLOC((size_t)strLen + 1, cert->heap, DYNAMIC_TYPE_ALTNAME); @@ -3474,7 +3477,7 @@ static int DecodeAltNames(const byte* input, word32 sz, DecodedCert* cert) WOLFSSL_MSG("\tOut of Memory"); return MEMORY_E; } - + ipAddr->nameStored = 1; ipAddr->type = ASN_IP_TYPE; ipAddr->name = (char*)XMALLOC((size_t)strLen + 1, cert->heap, DYNAMIC_TYPE_ALTNAME); @@ -3534,6 +3537,7 @@ static int DecodeAltNames(const byte* input, word32 sz, DecodedCert* cert) XFREE(rid, cert->heap, DYNAMIC_TYPE_ALTNAME); return MEMORY_E; } + rid->nameStored = 1; rid->len = strLen; XMEMCPY((void *)(wc_ptr_t)rid->name, &input[idx], strLen); ((char *)(wc_ptr_t)rid->name)[strLen] = '\0'; diff --git a/wolfcrypt/src/signature.c b/wolfcrypt/src/signature.c index c137c007a5..fffbaf16c3 100644 --- a/wolfcrypt/src/signature.c +++ b/wolfcrypt/src/signature.c @@ -95,7 +95,11 @@ int wc_SignatureGetSize(enum wc_SignatureType sig_type, #ifdef HAVE_ECC /* Sanity check that void* key is at least ecc_key in size */ if (key_len >= sizeof(ecc_key)) { +#if defined(HAVE_SELFTEST) || (defined(HAVE_FIPS) && FIPS_VERSION3_LT(5,0,0)) + sig_len = wc_ecc_sig_size((ecc_key*)(wc_ptr_t)key); +#else sig_len = wc_ecc_sig_size((const ecc_key*)key); +#endif } else { WOLFSSL_MSG("wc_SignatureGetSize: Invalid ECC key size"); @@ -110,7 +114,11 @@ int wc_SignatureGetSize(enum wc_SignatureType sig_type, #ifndef NO_RSA /* Sanity check that void* key is at least RsaKey in size */ if (key_len >= sizeof(RsaKey)) { +#if defined(HAVE_SELFTEST) || (defined(HAVE_FIPS) && FIPS_VERSION3_LT(5,0,0)) + sig_len = wc_RsaEncryptSize((RsaKey*)(wc_ptr_t)key); +#else sig_len = wc_RsaEncryptSize((const RsaKey*)key); +#endif } else { WOLFSSL_MSG("wc_SignatureGetSize: Invalid RsaKey key size"); diff --git a/wolfcrypt/src/tfm.c b/wolfcrypt/src/tfm.c index 06341879e8..e521200ce5 100644 --- a/wolfcrypt/src/tfm.c +++ b/wolfcrypt/src/tfm.c @@ -4540,9 +4540,9 @@ int mp_exptmod_nct (mp_int * G, mp_int * X, mp_int * P, mp_int * Y) /* compare two ints (signed)*/ -int mp_cmp (mp_int * a, mp_int * b) +int mp_cmp (const mp_int * a, const mp_int * b) { - return fp_cmp(a, b); + return fp_cmp((mp_int *)a, (mp_int *)b); } /* compare a digit */ diff --git a/wolfssl/wolfcrypt/tfm.h b/wolfssl/wolfcrypt/tfm.h index 20fe4ae8c4..3868ca6402 100644 --- a/wolfssl/wolfcrypt/tfm.h +++ b/wolfssl/wolfcrypt/tfm.h @@ -843,7 +843,7 @@ MP_API int mp_2expt(mp_int* a, int b); MP_API int mp_div(mp_int * a, mp_int * b, mp_int * c, mp_int * d); -MP_API int mp_cmp(mp_int *a, mp_int *b); +MP_API int mp_cmp(const mp_int *a, const mp_int *b); #define mp_cmp_ct(a, b, n) mp_cmp(a, b) MP_API int mp_cmp_d(mp_int *a, mp_digit b); diff --git a/wolfssl/wolfcrypt/types.h b/wolfssl/wolfcrypt/types.h index db12476a86..e1a8a964f5 100644 --- a/wolfssl/wolfcrypt/types.h +++ b/wolfssl/wolfcrypt/types.h @@ -489,7 +489,11 @@ enum { static WC_INLINE WARN_UNUSED_RESULT int WC_WUR_INT(int x) { return x; } #endif -#define WC_BARRIER() do { volatile byte _xfence = 0; (void)_xfence; } while(0) +/* XFENCE() is a no-op on some targets. WC_BARRIER() uses C89 intrinsics as an + * additional portable barrier. + */ +#define WC_BARRIER() do { volatile byte _xfence = 0; (void)_xfence; XFENCE(); \ + } while(0) #ifdef WORD64_AVAILABLE #define WC_MAX_UINT_OF(x) \