mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-05 15:50:51 +02:00
Merge pull request #10508 from JacobBarthelmeh/static_analysis_3
devcrypto fixes, forcezero on memory after use, RX64 GetHash port fix, blake2 stor64 alignment
This commit is contained in:
@@ -318,6 +318,23 @@ static int RX64_HashGet(wolfssl_RX64_HW_Hash* hash, byte* out)
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
/* RX64 HW SHA rejects empty input; return the documented empty-message
|
||||
* digest instead. This matches the special case in RX64_HashFinal so
|
||||
* callers like wc_Sha256GetHash on a freshly-initialised state succeed. */
|
||||
if ((hash->msg == NULL) && (hash->len == 0) && (hash->used == 0))
|
||||
{
|
||||
if (hash->sha_type == RX64_SHA1) {
|
||||
XMEMCPY(out, DefaultShaHashData, sizeof(DefaultShaHashData));
|
||||
}
|
||||
else if (hash->sha_type == RX64_SHA224) {
|
||||
XMEMCPY(out, DefaultSha224HashData, sizeof(DefaultSha224HashData));
|
||||
}
|
||||
else if (hash->sha_type == RX64_SHA256) {
|
||||
XMEMCPY(out, DefaultSha256HashData, sizeof(DefaultSha256HashData));
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
ret = RX64_ShaCalc(hash->msg, hash->len, out, hash->sha_type);
|
||||
if (ret != R_PROCESS_COMPLETE) {
|
||||
return ret;
|
||||
|
||||
@@ -64,6 +64,7 @@ int wc_DevCryptoEccKeyGen(int curveId, int enc, byte* pri, word32 priSz,
|
||||
}
|
||||
|
||||
if (ret == 0) {
|
||||
XMEMSET(&kop, 0, sizeof(kop));
|
||||
kop.crk_op = CRK_ECC_KEYGEN;
|
||||
kop.ses = ctx.sess.ses;
|
||||
kop.crk_flags = ecdsel;
|
||||
|
||||
@@ -89,11 +89,11 @@ static void wc_SetupRsaPrivate(struct crypt_kop* kop, WC_CRYPTODEV* dev,
|
||||
|
||||
if (dpSz == 0 || dqSz == 0) {
|
||||
kop->crk_param[inIdx].crp_p = n;
|
||||
kop->crk_param[inIdx].crp_nbits = dSz * WOLFSSL_BIT_SIZE;
|
||||
kop->crk_param[inIdx].crp_nbits = nSz * WOLFSSL_BIT_SIZE;
|
||||
inIdx++;
|
||||
|
||||
kop->crk_param[inIdx].crp_p = d;
|
||||
kop->crk_param[inIdx].crp_nbits = nSz * WOLFSSL_BIT_SIZE;
|
||||
kop->crk_param[inIdx].crp_nbits = dSz * WOLFSSL_BIT_SIZE;
|
||||
inIdx++;
|
||||
}
|
||||
else {
|
||||
|
||||
@@ -234,7 +234,7 @@ void wc_SetupCryptAead(struct crypt_auth_op* crt, WC_CRYPTODEV* dev,
|
||||
byte* src, word32 srcSz, byte* dst, byte* iv, word32 ivSz, int flag,
|
||||
byte* authIn, word32 authInSz, byte* authTag, word32 authTagSz)
|
||||
{
|
||||
XMEMSET(crt, 0, sizeof(struct crypt_op));
|
||||
XMEMSET(crt, 0, sizeof(struct crypt_auth_op));
|
||||
crt->ses = dev->sess.ses;
|
||||
crt->src = src;
|
||||
crt->len = srcSz;
|
||||
|
||||
@@ -31,6 +31,12 @@
|
||||
#include <wolfssl/wolfcrypt/sha.h>
|
||||
#include <wolfssl/wolfcrypt/sha256.h>
|
||||
#include <wolfssl/wolfcrypt/error-crypt.h>
|
||||
#ifdef NO_INLINE
|
||||
#include <wolfssl/wolfcrypt/misc.h>
|
||||
#else
|
||||
#define WOLFSSL_MISC_INCLUDED
|
||||
#include <wolfcrypt/src/misc.c>
|
||||
#endif
|
||||
|
||||
#if defined(__DCACHE_PRESENT) && (__DCACHE_PRESENT == 1U) && defined(DCP_USE_DCACHE) && (DCP_USE_DCACHE == 1U)
|
||||
#error "DCACHE not supported by this driver. Please undefine DCP_USE_DCACHE."
|
||||
@@ -205,14 +211,18 @@ int DCPAesInit(Aes *aes)
|
||||
return 0;
|
||||
}
|
||||
|
||||
static unsigned char aes_key_aligned[16] __attribute__((aligned(0x10)));
|
||||
|
||||
void DCPAesFree(Aes *aes)
|
||||
{
|
||||
dcp_lock();
|
||||
ForceZero(aes_key_aligned, sizeof(aes_key_aligned));
|
||||
dcp_unlock();
|
||||
dcp_free(aes->handle.channel);
|
||||
aes->handle.channel = 0;
|
||||
}
|
||||
|
||||
|
||||
static unsigned char aes_key_aligned[16] __attribute__((aligned(0x10)));
|
||||
int DCPAesSetKey(Aes* aes, const byte* key, word32 len, const byte* iv,
|
||||
int dir)
|
||||
{
|
||||
@@ -231,8 +241,9 @@ int DCPAesSetKey(Aes* aes, const byte* key, word32 len, const byte* iv,
|
||||
return WC_HW_E;
|
||||
}
|
||||
dcp_lock();
|
||||
memcpy(aes_key_aligned, key, 16);
|
||||
XMEMCPY(aes_key_aligned, key, 16);
|
||||
status = DCP_AES_SetKey(DCP, &aes->handle, aes_key_aligned, 16);
|
||||
ForceZero(aes_key_aligned, sizeof(aes_key_aligned));
|
||||
if (status != kStatus_Success)
|
||||
status = WC_HW_E;
|
||||
else {
|
||||
|
||||
@@ -565,6 +565,9 @@ int Tropic01_Deinit(void)
|
||||
WOLFSSL_MSG("TROPIC01: Crypto device deinitialized successfully");
|
||||
}
|
||||
|
||||
ForceZero(sh0priv, sizeof(sh0priv));
|
||||
ForceZero(sh0pub, sizeof(sh0pub));
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
+8
-8
@@ -171,10 +171,10 @@ int wc_Rc2EcbEncrypt(Rc2* rc2, byte* out, const byte* in, word32 sz)
|
||||
return BUFFER_E;
|
||||
}
|
||||
|
||||
r10 = (in[1] << 8) | in[0]; /* R[0] */
|
||||
r32 = (in[3] << 8) | in[2]; /* R[1] */
|
||||
r54 = (in[5] << 8) | in[4]; /* R[2] */
|
||||
r76 = (in[7] << 8) | in[6]; /* R[3] */
|
||||
r10 = (word16)((word16)in[1] << 8) | in[0]; /* R[0] */
|
||||
r32 = (word16)((word16)in[3] << 8) | in[2]; /* R[1] */
|
||||
r54 = (word16)((word16)in[5] << 8) | in[4]; /* R[2] */
|
||||
r76 = (word16)((word16)in[7] << 8) | in[6]; /* R[3] */
|
||||
|
||||
for (i = 0; i < 16; i++) {
|
||||
j = i * 4;
|
||||
@@ -236,10 +236,10 @@ int wc_Rc2EcbDecrypt(Rc2* rc2, byte* out, const byte* in, word32 sz)
|
||||
return BUFFER_E;
|
||||
}
|
||||
|
||||
r0 = (in[1] << 8) | in[0];
|
||||
r1 = (in[3] << 8) | in[2];
|
||||
r2 = (in[5] << 8) | in[4];
|
||||
r3 = (in[7] << 8) | in[6];
|
||||
r0 = (word16)((word16)in[1] << 8) | in[0];
|
||||
r1 = (word16)((word16)in[3] << 8) | in[2];
|
||||
r2 = (word16)((word16)in[5] << 8) | in[4];
|
||||
r3 = (word16)((word16)in[7] << 8) | in[6];
|
||||
|
||||
for (i = 16; i > 0; i--) {
|
||||
j = 4*i - 1;
|
||||
|
||||
Reference in New Issue
Block a user